Anybody doing DPI on their home network?
I’m curious and ideally I’m trying to block DoH traffic. I’ve been looking at the nDPI library from ntopng and its actually looks pretty promising and pretty solid.
Anyone have experience with this or doing this already and can give some advice?
Thanks
Why would there be Department of Health traffic on your network?
Perhaps ask in a networking forum rather than a home automation one.
I was more thinking for DoH traffic
You’ll need a firewall with Man In the Middle capabilities for secure traffic. In order to inspect DoH packets it must be able to mint certificates on the fly, which will required it having a CA trusted by all devices behind it. Enterprise firewalls commonly do this.
You can create your own CA but potentially it won’t work on many devices, if you are able to install it at all. Best solution is to get a firewall appliance or software with a publicly trusted CA, which is not cheap.
The first time you use a TLA (three letter acronym) you should disambiguate it, just like I did there. Otherwise it can be misinterpreted. I did it on purpose but you missed the point. You and I know the DoH stands for DNS over HTTPS, not Department of Health, but others may not.