Hi Richard, On 05 May 2014, at 14:21, Richard Thornton <richie.thorn...@gmail.com> wrote:
> Does anybody know of any integration between PF and ndpi? the previous consensus[1] was that pf(4) and DPI do not mix very well, but you can probably use relayd(8) and run e.g. NDPI on top[2]. Grabbing all traffic is not really fast, especially with no multithreading inside pf(4). A quick alternative would be netmap(4), but that's not available for OpenBSD. > If there is nothing out there, would it be a lot of work, is ndpi already > working in OpenBSD? It's *a lot* of work, especially when you want 1G and up. Cheers, Franco [1] http://marc.info/?t=136735045200001&r=1&w=2 [2] http://quigon.bsws.de/papers/2013/vbsdcon/
