open source DPI suggestions?

Can anyone suggest any open source DPI (deep packet inspection) projects?

I am working on various telco projects in emerging markets, but can't
quite justify the price for the bigger and more well known players.
:confused:

(Until then, I'll have to rely on some of the more well known Linux
and BSD traffic shaping tools)

I'll recommend Bro-IDS (http://www.bro-ids.org/) as it's what I spend my days working on. It's essentially a programming language for long term network traffic monitoring which is focused on doing deep decoding of application layer protocols. (and it's BSD licensed!)

.Seth

> Can anyone suggest any open source DPI (deep packet inspection)
> projects?

http://l7-filter.sourceforge.net/ might be another candidate.

Snort (http://www.snort.org/) is also a nice IDS. They provide paid and free
rules/signatures.

-k

How about RouterOS from Mikrotik?

You cannot beat a $70 RB750G for doing P2P hijacking.

F.

I gotta say that those Mikrotik boxes are pretty impressive. I have quite a few that give me Layer 2 VPN in the lab and they have been faultless so far.

And if you would like 64bit and/or IPv6 support, try Suricata:

http://www.openinfosecfoundation.org/

Tom

Another good open-source one with IPv6, Sourcefire rules support,
stateful firewall and filtering at traffic and web address level, etc.,
is Vyatta (http://www.vyatta.org and http://www.vyatta.com). They're
also rather nice routers if I do say so myself.

Do let us know which one you end up picking and how you go with it.

Cheers

Alex