| 1 |
c97ab82a
|
Ermal Lu?i
|
# HTTP - Audio over HyperText Transfer Protocol (RFC 2616)
|
| 2 |
|
|
# Pattern attributes: good notsofast notsofast subset
|
| 3 |
|
|
# Protocol groups: streaming_audio document_retrieval ietf_draft_standard
|
| 4 |
|
|
# Wiki: http://protocolinfo.org/wiki/HTTP
|
| 5 |
|
|
# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE
|
| 6 |
|
|
#
|
| 7 |
|
|
# Usually runs on port 80
|
| 8 |
|
|
#
|
| 9 |
|
|
# Contributed by Deepak Seshadri <dseshadri AT broadbandmaritime.com>
|
| 10 |
|
|
#
|
| 11 |
|
|
# This pattern has been tested and is believed to work well.
|
| 12 |
|
|
#
|
| 13 |
|
|
# To get or provide more information about this protocol and/or pattern:
|
| 14 |
|
|
# http://www.protocolinfo.org/wiki/HTTP
|
| 15 |
|
|
# http://lists.sourceforge.net/lists/listinfo/l7-filter-developers
|
| 16 |
|
|
#
|
| 17 |
|
|
# If you use this, you should be aware that:
|
| 18 |
|
|
#
|
| 19 |
|
|
# - they match both simple downloads of audio/video and streaming content.
|
| 20 |
|
|
#
|
| 21 |
|
|
# - blocking based on content-type encourages server
|
| 22 |
|
|
# writers/administrators to misreport content-type (which will just make
|
| 23 |
|
|
# headaches for everyone, including us), so I would strongly recommend
|
| 24 |
|
|
# shaping audio/video down to a speed that discourages use of streaming
|
| 25 |
|
|
# players without actually blocking it.
|
| 26 |
|
|
#
|
| 27 |
|
|
# - obviously, since this is a subset of HTTP, you need to match it
|
| 28 |
|
|
# earlier in your iptables rules than HTTP.
|
| 29 |
|
|
|
| 30 |
|
|
httpaudio
|
| 31 |
|
|
http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(content-type: audio)
|