KILLSTREAM
Last updated
Was this helpful?
Last updated
Was this helpful?
The KILLSTREAM
command inspects network traffic for activity on the specified ports which matches a regular expression. The stream is then terminated via a TCP FIN injection.
The KILLSTREAM
command expects several options:
KILLSTREAM
requires a network interface. Typically on the Packet Squirrel this is br-lan
, the virtual interface which connects the Ethernet ports.
KILLSTREAM
requires a direction: It can match on CLIENT
requests, SERVER
responses, or packets in ANY
direction.
KILLSTREAM
matches on a basic .
This expression can be as simple as the text to match, such as "Authorization: Basic"
, or a complex match such as "[0-9]{4}-[0-9]{4}-[0-9]{4}-[0-9]{4}"
to match four groups of four digits.
KILLSTREAM
can match any number of ports.
The most basic use of the KILLSTREAM
command is to prevent streams with specified content. For instance to kill any stream using HTTP Basic authentication, while allowing normal HTTP traffic: