From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from cormorant.upnet.gr (cormorant.upnet.gr [150.140.129.7]) by dpdk.org (Postfix) with ESMTP id AA98F1E35 for ; Wed, 2 May 2018 18:30:52 +0200 (CEST) Received: (qmail 32495 invoked from network); 2 May 2018 16:30:44 -0000 Received: from xmail1.upnet.gr (HELO mail1.upnet.gr) ([150.140.129.42]) (envelope-sender ) by cormorant.upnet.gr (qmail-ldap-1.03) with SMTP for ; 2 May 2018 16:30:44 -0000 MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Wed, 02 May 2018 19:30:51 +0300 From: Konstantinos Schoinas To: users@dpdk.org Message-ID: <1e68674367022360d7f6973e295dd004@upnet.gr> X-Sender: ece8537@upnet.gr User-Agent: Roundcube Webmail/1.1.0 Subject: [dpdk-users] Security Block TLS X-BeenThere: users@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK usage discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 May 2018 16:30:54 -0000 Hello, I wanna create a dpdk application that do something like this: Implement a simple blacklist with FQDN patterns. The dpdk app must extract the SNI from the Client Hello message of the TLS exchange. It will then check the SNI against the blacklist. If it matches, VNF shall block (drop packets) the TLS session, effectively disallowing the user from visiting the particular secure site. Can anyone give me any good information on what tools, libraries or sample applications I can use in order to create something like that? Thanks for your time, Konstantinos