diff -urNp iptables-1.3.2.new/extensions/.ipp2p-test iptables-1.3.2.ipp2p/extensions/.ipp2p-test
--- iptables-1.3.2.new/extensions/.ipp2p-test 1970-01-01 01:00:00.000000000 +0100
+++ iptables-1.3.2.ipp2p/extensions/.ipp2p-test 2005-07-28 14:55:01.000000000 +0200
@@ -0,0 +1,2 @@
+#! /bin/sh
+[ -f $KERNEL_DIR/include/linux/netfilter_ipv4/ipt_ipp2p.h ] && echo ipp2p
diff -urNp iptables-1.3.2.new/extensions/libipt_ipp2p.c iptables-1.3.2.ipp2p/extensions/libipt_ipp2p.c
--- iptables-1.3.2.new/extensions/libipt_ipp2p.c 1970-01-01 01:00:00.000000000 +0100
+++ iptables-1.3.2.ipp2p/extensions/libipt_ipp2p.c 2005-07-28 14:55:01.000000000 +0200
@@ -0,0 +1,455 @@
+
+#include <stdio.h>
+#include <netdb.h>
+#include <string.h>
+#include <stdlib.h>
+#include <getopt.h>
+#include <ctype.h>
+
+#include <iptables.h>
+
+#include <linux/netfilter_ipv4/ipt_ipp2p.h>
+
+
+
+
+static void
+help(void)
+{
+ printf(
+ "IPP2P v%s options:\n"
+ " --ipp2p Grab all known p2p packets\n"
+ " --ipp2p-data Identify all known p2p download commands (obsolete)\n\n"
+ " --edk [TCP&UDP] All known eDonkey/eMule/Overnet packets\n"
+ " --dc [TCP] All known Direct Connect packets\n"
+ " --kazaa [TCP&UDP] All known KaZaA packets\n"
+ " --gnu [TCP&UDP] All known Gnutella packets\n"
+ " --bit [TCP&UDP] All known BitTorrent packets\n"
+ " --apple [TCP] All known AppleJuice packets (beta - just a few tests until now)\n"
+ " --winmx [TCP] All known WinMX (beta - need feedback)\n"
+ " --soul [TCP] All known SoulSeek (beta - need feedback!)\n"
+ " --ares [TCP] All known Ares - use with DROP only (beta - need feedback!)\n\n"
+ " --edk-data [TCP] eDonkey/eMule/Overnet download commands (obsolete)\n"
+ " --dc-data [TCP] Direct Connect download command (obsolete)\n"
+ " --kazaa-data [TCP] KaZaA download command (obsolete)\n"
+ " --gnu-data [TCP] Gnutella download command (obsolete)\n"
+ "\nNote that the follwing options will have the same meaning:\n"
+ " '--ipp2p' is equal to '--edk --dc --kazaa --gnu'\n"
+ " '--ipp2p-data' is equal to '--edk-data --dc-data --kazaa-data --gnu-data'\n"
+ "\nIPP2P was intended for TCP only. Due to increasing usage of UDP we needed to change this.\n"
+ "You can now use -p udp to search UDP packets only or without -p switch to search UDP and TCP packets.\n"
+ "\nSee README included with this package for more details or visit http://www.ipp2p.org\n"
+ "\nExamples:\n"
+ " iptables -A FORWARD -m ipp2p --ipp2p -j MARK --set-mark 0x01\n"
+ " iptables -A FORWARD -p udp -m ipp2p --kazaa --bit -j DROP\n"
+ " iptables -A FORWARD -p tcp -m ipp2p --edk --soul -j DROP\n\n"
+ , IPP2P_VERSION);
+}
+
+
+
+static struct option opts[] = {
+ { "ipp2p", 0, 0, '1' },
+ { "edk", 0, 0, '2' },
+ { "ipp2p-data", 0, 0, '3' },
+ { "kazaa-data", 0, 0, '4' },
+ { "edk-data", 0, 0, '5' },
+ { "dc-data", 0, 0, '6' },
+ { "dc", 0, 0, '7' },
+ { "gnu-data", 0, 0, '8' },
+ { "gnu", 0, 0, '9' },
+ { "kazaa", 0, 0, 'a' },
+ { "bit", 0, 0, 'b' },
+ { "apple", 0, 0, 'c' },
+ { "soul", 0, 0, 'd' },
+ { "winmx", 0, 0, 'e' },
+ { "ares", 0, 0, 'f' },
+ { "debug", 0, 0, 'g' },
+ {0}
+};
+
+
+
+static void
+init(struct ipt_entry_match *m, unsigned int *nfcache)
+{
+ struct ipt_p2p_info *info = (struct ipt_p2p_info *)m->data;
+
+ *nfcache |= NFC_UNKNOWN;
+
+ /*init the module with default values*/
+ info->cmd = 0;
+ info->debug = 0;
+
+}
+
+
+static int
+parse(int c, char **argv, int invert, unsigned int *flags,
+ const struct ipt_entry *entry,
+ unsigned int *nfcache,
+ struct ipt_entry_match **match)
+{
+ struct ipt_p2p_info *info = (struct ipt_p2p_info *)(*match)->data;
+
+ switch (c) {
+ case '1': /*cmd: ipp2p*/
+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p' may only be "
+ "specified once!");
+ if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p-data' may only be "
+ "specified alone!");
+ if ((*flags) != 0)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p' may only be "
+ "specified alone!");
+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!");
+ *flags += SHORT_HAND_IPP2P;
+ info->cmd = *flags;
+ break;
+
+ case '2': /*cmd: edk*/
+ if ((*flags & IPP2P_EDK) == IPP2P_EDK)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--edk' may only be "
+ "specified once");
+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p' may only be "
+ "specified alone!");
+ if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p-data' may only be "
+ "specified alone!");
+ if ((*flags & IPP2P_DATA_EDK) == IPP2P_DATA_EDK)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: use `--edk' OR `--edk-data' but not both of them!");
+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!");
+ *flags += IPP2P_EDK;
+ info->cmd = *flags;
+ break;
+
+ case '3': /*cmd: ipp2p-data*/
+ if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p-data' may only be "
+ "specified once!");
+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p' may only be "
+ "specified alone!");
+ if ((*flags) != 0)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p-data' may only be "
+ "specified alone!");
+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!");
+ *flags += SHORT_HAND_DATA;
+ info->cmd = *flags;
+ break;
+
+ case '4': /*cmd: kazaa-data*/
+ if ((*flags & IPP2P_DATA_KAZAA) == IPP2P_DATA_KAZAA)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--kazaa-data' may only be "
+ "specified once!");
+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p' may only be "
+ "specified alone!");
+ if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p-data' may only be "
+ "specified alone!");
+ if ((*flags & IPP2P_KAZAA) == IPP2P_KAZAA)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: use `--kazaa' OR `--kazaa-data' but not both of them!");
+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!");
+ *flags += IPP2P_DATA_KAZAA;
+ info->cmd = *flags;
+ break;
+
+ case '5': /*cmd: edk-data*/
+ if ((*flags & IPP2P_DATA_EDK) == IPP2P_DATA_EDK)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--edk-data' may only be "
+ "specified once!");
+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p' may only be "
+ "specified alone!");
+ if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p-data' may only be "
+ "specified alone!");
+ if ((*flags & IPP2P_EDK) == IPP2P_EDK)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: use `--edk' OR `--edk-data' but not both of them!");
+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!");
+ *flags += IPP2P_DATA_EDK;
+ info->cmd = *flags;
+ break;
+
+ case '6': /*cmd: dc-data*/
+ if ((*flags & IPP2P_DATA_DC) == IPP2P_DATA_DC)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--dc-data' may only be "
+ "specified once!");
+ if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p-data' may only be "
+ "specified alone!");
+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p' may only be "
+ "specified alone!");
+ if ((*flags & IPP2P_DC) == IPP2P_DC)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: use `--dc' OR `--dc-data' but not both of them!");
+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!");
+ *flags += IPP2P_DATA_DC;
+ info->cmd = *flags;
+ break;
+
+ case '7': /*cmd: dc*/
+ if ((*flags & IPP2P_DC) == IPP2P_DC)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--dc' may only be "
+ "specified once!");
+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p' may only be "
+ "specified alone!");
+ if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p-data' may only be "
+ "specified alone!");
+ if ((*flags & IPP2P_DATA_DC) == IPP2P_DATA_DC)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: use `--dc' OR `--dc-data' but not both of them!");
+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!");
+ *flags += IPP2P_DC;
+ info->cmd = *flags;
+ break;
+
+
+ case '8': /*cmd: gnu-data*/
+ if ((*flags & IPP2P_DATA_GNU) == IPP2P_DATA_GNU)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--gnu-data' may only be "
+ "specified once!");
+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p' may only be "
+ "specified alone!");
+ if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p-data' may only be "
+ "specified alone!");
+ if ((*flags & IPP2P_GNU) == IPP2P_GNU)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: use `--gnu' OR `--gnu-data' but not both of them!");
+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!");
+ *flags += IPP2P_DATA_GNU;
+ info->cmd = *flags;
+ break;
+
+ case '9': /*cmd: gnu*/
+ if ((*flags & IPP2P_GNU) == IPP2P_GNU)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--gnu' may only be "
+ "specified once!");
+ if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p-data' may only be "
+ "specified alone!");
+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p' may only be "
+ "specified alone!");
+ if ((*flags & IPP2P_DATA_GNU) == IPP2P_DATA_GNU)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: use `--gnu' OR `--gnu-data' but not both of them!");
+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!");
+ *flags += IPP2P_GNU;
+ info->cmd = *flags;
+ break;
+
+ case 'a': /*cmd: kazaa*/
+ if ((*flags & IPP2P_KAZAA) == IPP2P_KAZAA)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--kazaa' may only be "
+ "specified once!");
+ if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p-data' may only be "
+ "specified alone!");
+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ipp2p' may only be "
+ "specified alone!");
+ if ((*flags & IPP2P_DATA_KAZAA) == IPP2P_DATA_KAZAA)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: use `--kazaa' OR `--kazaa-data' but not both of them!");
+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!");
+ *flags += IPP2P_KAZAA;
+ info->cmd = *flags;
+ break;
+
+ case 'b': /*cmd: bit*/
+ if ((*flags & IPP2P_BIT) == IPP2P_BIT)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--bit' may only be "
+ "specified once!");
+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!");
+ *flags += IPP2P_BIT;
+ info->cmd = *flags;
+ break;
+
+ case 'c': /*cmd: apple*/
+ if ((*flags & IPP2P_APPLE) == IPP2P_APPLE)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--apple' may only be "
+ "specified once!");
+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!");
+ *flags += IPP2P_APPLE;
+ info->cmd = *flags;
+ break;
+
+
+ case 'd': /*cmd: soul*/
+ if ((*flags & IPP2P_SOUL) == IPP2P_SOUL)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--soul' may only be "
+ "specified once!");
+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!");
+ *flags += IPP2P_SOUL;
+ info->cmd = *flags;
+ break;
+
+
+ case 'e': /*cmd: winmx*/
+ if ((*flags & IPP2P_WINMX) == IPP2P_WINMX)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--winmx' may only be "
+ "specified once!");
+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!");
+ *flags += IPP2P_WINMX;
+ info->cmd = *flags;
+ break;
+
+ case 'f': /*cmd: ares*/
+ if ((*flags & IPP2P_ARES) == IPP2P_ARES)
+ exit_error(PARAMETER_PROBLEM,
+ "ipp2p: `--ares' may only be "
+ "specified once!");
+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!");
+ *flags += IPP2P_ARES;
+ info->cmd = *flags;
+ break;
+
+ case 'g': /*cmd: debug*/
+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!");
+ info->debug = 1;
+ break;
+
+ default:
+ exit_error(PARAMETER_PROBLEM,
+ "\nipp2p-parameter problem: for ipp2p usage type: iptables -m ipp2p --help\n");
+ return 0;
+ }
+ return 1;
+}
+
+
+static void
+final_check(unsigned int flags)
+{
+ if (!flags)
+ exit_error(PARAMETER_PROBLEM,
+ "\nipp2p-parameter problem: for ipp2p usage type: iptables -m ipp2p --help\n");
+}
+
+
+
+static void
+print(const struct ipt_ip *ip,
+ const struct ipt_entry_match *match,
+ int numeric)
+{
+ struct ipt_p2p_info *info = (struct ipt_p2p_info *)match->data;
+
+ printf("ipp2p v%s", IPP2P_VERSION);
+ if ((info->cmd & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) printf(" --ipp2p");
+ if ((info->cmd & SHORT_HAND_DATA) == SHORT_HAND_DATA) printf(" --ipp2p-data");
+ if ((info->cmd & IPP2P_KAZAA) == IPP2P_KAZAA) printf(" --kazaa");
+ if ((info->cmd & IPP2P_DATA_KAZAA) == IPP2P_DATA_KAZAA) printf(" --kazaa-data");
+ if ((info->cmd & IPP2P_DATA_GNU) == IPP2P_DATA_GNU) printf(" --gnu-data");
+ if ((info->cmd & IPP2P_GNU) == IPP2P_GNU) printf(" --gnu");
+ if ((info->cmd & IPP2P_EDK) == IPP2P_EDK) printf(" --edk");
+ if ((info->cmd & IPP2P_DATA_EDK) == IPP2P_DATA_EDK) printf(" --edk-data");
+ if ((info->cmd & IPP2P_DATA_DC) == IPP2P_DATA_DC) printf(" --dc-data");
+ if ((info->cmd & IPP2P_DC) == IPP2P_DC) printf(" --dc");
+ if ((info->cmd & IPP2P_BIT) == IPP2P_BIT) printf(" --bit");
+ if ((info->cmd & IPP2P_APPLE) == IPP2P_APPLE) printf(" --apple");
+ if ((info->cmd & IPP2P_SOUL) == IPP2P_SOUL) printf(" --soul");
+ if ((info->cmd & IPP2P_WINMX) == IPP2P_WINMX) printf(" --winmx");
+ if ((info->cmd & IPP2P_ARES) == IPP2P_ARES) printf(" --ares");
+ if (info->debug != 0) printf(" --debug");
+ printf(" ");
+}
+
+
+
+static void
+save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
+{
+ struct ipt_p2p_info *info = (struct ipt_p2p_info *)match->data;
+
+ if ((info->cmd & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) printf("--ipp2p ");
+ if ((info->cmd & SHORT_HAND_DATA) == SHORT_HAND_DATA) printf("--ipp2p-data ");
+ if ((info->cmd & IPP2P_KAZAA) == IPP2P_KAZAA) printf("--kazaa ");
+ if ((info->cmd & IPP2P_DATA_KAZAA) == IPP2P_DATA_KAZAA) printf("--kazaa-data ");
+ if ((info->cmd & IPP2P_DATA_GNU) == IPP2P_DATA_GNU) printf("--gnu-data ");
+ if ((info->cmd & IPP2P_GNU) == IPP2P_GNU) printf("--gnu ");
+ if ((info->cmd & IPP2P_EDK) == IPP2P_EDK) printf("--edk ");
+ if ((info->cmd & IPP2P_DATA_EDK) == IPP2P_DATA_EDK) printf("--edk-data ");
+ if ((info->cmd & IPP2P_DATA_DC) == IPP2P_DATA_DC) printf("--dc-data ");
+ if ((info->cmd & IPP2P_DC) == IPP2P_DC) printf("--dc ");
+ if ((info->cmd & IPP2P_BIT) == IPP2P_BIT) printf("--bit ");
+ if ((info->cmd & IPP2P_APPLE) == IPP2P_APPLE) printf("--apple ");
+ if ((info->cmd & IPP2P_SOUL) == IPP2P_SOUL) printf("--soul ");
+ if ((info->cmd & IPP2P_WINMX) == IPP2P_WINMX) printf("--winmx ");
+ if ((info->cmd & IPP2P_ARES) == IPP2P_ARES) printf("--ares ");
+ if (info->debug != 0) printf("--debug ");
+}
+
+
+
+
+static
+struct iptables_match ipp2p
+= {
+ .next = NULL,
+ .name = "ipp2p",
+ .version = IPTABLES_VERSION,
+ .size = IPT_ALIGN(sizeof(struct ipt_p2p_info)),
+ .userspacesize = IPT_ALIGN(sizeof(struct ipt_p2p_info)),
+ .help = &help,
+ .init = &init,
+ .parse = &parse,
+ .final_check = &final_check,
+ .print = &print,
+ .save = &save,
+ .extra_opts = opts
+};
+
+
+
+void _init(void)
+{
+ register_match(&ipp2p);
+}
+
diff -urNp iptables-1.3.2.new/extensions/libipt_ipp2p.man iptables-1.3.2.ipp2p/extensions/libipt_ipp2p.man
--- iptables-1.3.2.new/extensions/libipt_ipp2p.man 1970-01-01 01:00:00.000000000 +0100
+++ iptables-1.3.2.ipp2p/extensions/libipt_ipp2p.man 2005-07-28 14:55:01.000000000 +0200
@@ -0,0 +1,43 @@
+This module matches certain packets in P2P flows. It is not
+designed to match all packets belonging to a P2P connection -
+use IPP2P together with CONNMARK for this purpose. Also visit
+http://www.ipp2p.org for detailed information.
+
+Use it together with -p tcp or -p udp to search these protocols
+only or without -p switch to search packets of both protocols.
+
+IPP2P provides the following options:
+.TP
+.B "--edk "
+Matches as many eDonkey/eMule packets as possible.
+.TP
+.B "--kazaa "
+Matches as many KaZaA packets as possible.
+.TP
+.B "--gnu "
+Matches as many Gnutella packets as possible.
+.TP
+.B "--dc "
+Matches as many Direct Connect packets as possible.
+.TP
+.B "--bit "
+Matches BitTorrent packets.
+.TP
+.B "--apple "
+Matches AppleJuice packets.
+.TP
+.B "--soul "
+Matches some SoulSeek packets. Considered as beta, use careful!
+.TP
+.B "--winmx "
+Matches some WinMX packets. Considered as beta, use careful!
+.TP
+.B "--ares "
+Matches Ares and AresLite packets. Use together with -j DROP only.
+.TP
+.B "--ipp2p "
+Short hand for: --edk --kazaa --gnu --dc
+.TP
+.B "--debug "
+Prints some information about each hit into kernel logfile. May
+produce huge logfiles so beware!
