Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: QoS for ADSL customers

  • From: william(at)elan.net
  • Date: Tue Dec 06 12:36:01 2005


Somebody else emailed me privately link for L7 filtering with linux
(its all experimental and requires custom linux patches for now):
 http://l7-filter.sourceforge.net/L7-HOWTO-Netfilter

Also in previous post it was supposed to be:
  For ebtables it is http://ebtables.sourceforge.net (this is
  needed if you want security when building custom linux bridge)

On Tue, 6 Dec 2005, Ejay Hire wrote:

There are quite a few modules for iptables that will reach
up to Layer 7, including several specifically for file
sharing applications...

And one really nifty one that makes non-passive ftp work
through NAT.
These are "action" modules - they receive the data when it matches
particular netfilter rules and then do something in place where you
could have accept or reject. But for L7 filtering you need module
that can be used in place of "source" or "destination" rules. Yes
it is possible to build those with linux (like ipset - see
ipset.netfilter.org - its pretty cool), but I've not seen ones for
L7 classification - at least not public open source ...

The place to find more about iptable is http://www.netfilter.org
For iptables it is http://ebtables.sourceforge.net (this one you
need only if you're building custom linux bridge).

--
William Leibzon
Elan Networks
william@elan.net




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.