-
Notifications
You must be signed in to change notification settings - Fork 678
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[proposal] Introduce Network Layer Analyzer #16
Comments
You mean analyzers that work at the IP layer? Is there any real use for that (e.g. any protocol that needs it?) |
Yes. Some applications connect to fixed IP addresses for communication instead of domain (e.g. telegram, QQ, etc.). Supporting this may make block these ones easily. Furthermore, there's also possibility that pass IP address to upper analyzers, combining them together for more precise traffic marking (e.g A request with non-mainland IP but followed with such as |
Analyzers only provide props for rules, they don't make verdict themselves. Also, there are already built-in props that pass information like ip/port to expressions: https://github.com/apernet/OpenGFW/blob/master/ruleset/expr.go#L145 |
Basically you can have rules like Although |
Thanks for your answer. I apologize for not reading the source code carefully. |
I read some source code and found analyzer based on network layer has yet to be implemented. Is there consideration for making it happen?
The text was updated successfully, but these errors were encountered: