Announcement

Collapse
No announcement yet.

Block openvpn or any vpn traffic

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Block openvpn or any vpn traffic

    Hi, I am new to untangle.

    Unlike application control, application control lite has no default values to choose there.
    So, if I am new to untangle and would like to block openvpn and or other vpn traffic with application control lite,
    how will I do it ? Or what signature to use for it and add ?

    Where will you get the values for
    1. protocol
    2. category
    3. signature
    Tags: None
  • #2
    Information is on the wiki.

    Application Control Lite - Edge Threat Management Wiki - Arista
    https://wiki.untangle.com/index.php/Application_Control_Lite#Signatures
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email [email protected]

    Comment

    • #3
      jcoffin, thanks for your reply. you are very accomodating. with the link you provided, I see that only cisco vpn is available, it does not include openvpn.

      Comment

      • #4
        Yes, you will need to write your own signature using regular expressions.
        Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
        If you need Untangle support please call or email [email protected]

        Comment

        • #5
          ok, but can you kindly give me a head start on how create own signature using regular expressions and how to know what regular expression to write base on what is needed. I would like to give it a try.

          Comment

          • #6
            rom19.mel79:

            Stare here:
            http://l7-filter.sourceforge.net/Pattern-HOWTO
            "Of all the things I've lost, I miss my mind the most"
            [email protected]
            http://gustavsson.it

            Comment

            • #7
              Originally posted by WebFooL View Post
              rom19.mel79:

              Stare here:
              http://l7-filter.sourceforge.net/Pattern-HOWTO
              Yes, I am somewhat aware of the site but my problem now is how will check the traffic and create regex pattern for it. Can you please kindly tell me how.

              For example,

              vnc
              ^rfb 00[1-9]\.00[0-9]\x0a$

              How did we arrive at getting the regex pattern ^rfb 00[1-9]\.00[0-9]\x0a$ for vnc ?
              Last edited by rom19.mel79; 09-13-2016, 04:37 PM.

              Comment

              • #8
                From that site

                Recommended procedure for writing patterns
                Find and read the spec for the protocol you wish to match. If it's an Internet standard, RFCs are a good place to start, although not all standards are RFCs. If it is a proprietary protocol, it is likely that someone has written a reverse-engineered spec for it. Do a general web search to find it. Skipping this step is a good way to write patterns that are overly specific!
                Use something like Wireshark (formerly known as Ethereal) to watch packets of this protocol go by in a typical session of its use. (If you failed to find a spec for your protocol, but Wireshark can parse it, reading the Wireshark source code may also be worth your time.)
                Write a pattern that will reliably match one of the first few packets that are sent in your protocol. Test it. Test its performance.
                Send your pattern to l7-filter-developers{/-\T}lists*sf*net for it to be incorporated into the official pattern definitions (you must subscribe first).
                "Of all the things I've lost, I miss my mind the most"
                [email protected]
                http://gustavsson.it

                Comment

                Previous template Next
                Working...
                X
                😀
                🥰
                🤢
                😎
                😡
                👍
                👎