jozef.benikovsky

Forum Replies Created

Viewing 2 posts - 1 through 2 (of 2 total)
  • in reply to: problem about QoS and firewall (not work) #46130

    Hi launcelot!

    It’s not possible to create a 100% reliable P2P filter. For instance, the torrent protocol is able to use end-to-end encryption, and then even deep packet inspection doesn’t do the trick. I guess other protocols do the same as well or are tending to.

    By the way, the L7 filter is not intended to be used by firewalls but by QoS shapers. The IPP2P filter works only for unencrypted traffic.

    What you can do is create a LOW_PRIORITY traffic class where you put packets you don’t know. All other traffic like VoIP, HTTP, SMTP, IMAP, POP3, DNS can be distinguished by L7-filter or by protocol type (ICMP).

    Cheers
    Jojo

    in reply to: Firewall – Rate Limit? #45158

    You can also limit ICMP traffic by creating a QoS rule for ICMP and combining it with a maximum ICMP echo-request size in your firewall.

    For instance, the common ICMP echo-request size from a Windows workstation is 32+28=60B. If you create a QoS class with a maximum speed of 600B/s=4800bit/s, then you will allow only 10 requests/second.
