snort and suricata. Eero
su 19. elok. 2018 klo 20.52 Reco <recovery...@gmail.com> kirjoitti: > Hi. > > On Sun, Aug 19, 2018 at 08:31:42PM +0300, Mimiko wrote: > > Hello. > > > > Maybe this was answered. Is there a Deep Packet Inspection to use in > Debian 9 for a firewall setup? Opensource and maybe in repository. > > Once upon a time there was so called l7filter (main suite), which was > packaged for Debian, but it was excluded from current stable. > Not a big loss IMO, as l7filter was only good for traffic classification > (netfilter mangle table). > > You may want to check a set of kernel patches called nDPI - [1] (sorry > for the GitHub link). It will take a patched kernel *and* iptables suite > to make the thing run, and I suspect that amd64 is the only supported > architecture. > > If software archeology is your thing, there's OpenDPI - [2] (sorry for > the GitHub link again). > > As far as I can tell, there's no DPI software packaged for current > stable at all. > > [1] https://github.com/vel21ripn/nDPI > > [2] https://github.com/thomasbhatia/OpenDPI > > Reco > >
