Results 1 to 8 of 8
  1. #1
    Newbie
    Join Date
    Sep 2016
    Posts
    6

    Default Block openvpn or any vpn traffic

    Hi, I am new to untangle.

    Unlike application control, application control lite has no default values to choose there.
    So, if I am new to untangle and would like to block openvpn and or other vpn traffic with application control lite,
    how will I do it ? Or what signature to use for it and add ?

    Where will you get the values for
    1. protocol
    2. category
    3. signature

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    8,898
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Newbie
    Join Date
    Sep 2016
    Posts
    6

    Default

    jcoffin, thanks for your reply. you are very accomodating. with the link you provided, I see that only cisco vpn is available, it does not include openvpn.

  4. #4
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,747

    Default

    Yes, you will need to write your own signature using regular expressions.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  5. #5
    Newbie
    Join Date
    Sep 2016
    Posts
    6

    Default

    ok, but can you kindly give me a head start on how create own signature using regular expressions and how to know what regular expression to write base on what is needed. I would like to give it a try.

  6. #6

  7. #7
    Newbie
    Join Date
    Sep 2016
    Posts
    6

    Default

    Quote Originally Posted by WebFooL View Post
    Yes, I am somewhat aware of the site but my problem now is how will check the traffic and create regex pattern for it. Can you please kindly tell me how.

    For example,

    vnc
    ^rfb 00[1-9]\.00[0-9]\x0a$

    How did we arrive at getting the regex pattern ^rfb 00[1-9]\.00[0-9]\x0a$ for vnc ?
    Last edited by rom19.mel79; 09-13-2016 at 04:37 PM.

  8. #8
    Untangle Ninja
    WebFooL's Avatar
    Join Date
    Jan 2009
    Location
    Sweden (Eskilstuna)
    Posts
    5,111

    Default

    From that site

    Recommended procedure for writing patterns
    Find and read the spec for the protocol you wish to match. If it's an Internet standard, RFCs are a good place to start, although not all standards are RFCs. If it is a proprietary protocol, it is likely that someone has written a reverse-engineered spec for it. Do a general web search to find it. Skipping this step is a good way to write patterns that are overly specific!
    Use something like Wireshark (formerly known as Ethereal) to watch packets of this protocol go by in a typical session of its use. (If you failed to find a spec for your protocol, but Wireshark can parse it, reading the Wireshark source code may also be worth your time.)
    Write a pattern that will reliably match one of the first few packets that are sent in your protocol. Test it. Test its performance.
    Send your pattern to l7-filter-developers{/-\T}lists*sf*net for it to be incorporated into the official pattern definitions (you must subscribe first).

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2