L7 filter?

Forums Network Management ZeroShell L7 filter?

  • This topic is empty.
Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • February 5, 2007 at 10:09 pm #40550
    stasi88
    Member

    Hi,

    I see you have IPP2P for control of P2P traffic which is good, but will you be adding the L7 filter stuff? http://l7-filter.sourceforge.net/ so that other applications can be controlled such as IM apps like messenger and yahoo IM? also L7 support apps like Citrix which gives more flexibility.

    regards

    Peter

    February 5, 2007 at 10:23 pm #45115
    imported_fulvio
    Participant

    L7-filter will be available in the next release.
    They will be possible to use the in the firewall and in the QoS management.
    I don’t know L7 by Citrix. Is an Open Source software?

    Regards
    Fulvio

    February 6, 2007 at 7:01 pm #45116
    stasi88
    Member

    Hi Fulvio,

    OK thats good news, when will the next release be scheduled with L7 support? Also please ensure the patterns can easily be updated.

    Regards Citrix, what I meant was that L7 has support to classify more apps than IPP2P , example was Citrix. Sorry for the misunderstanding.

    Regards P2P and IM , I am interested solely in run zeroshell as a transparent bridge and blocking P2P and IM. Obviously L7 is needed to classify and block IM traffic. But will this simple blocking function be available even if it means manually making iptables entries?

    regards
    Peter

    February 19, 2007 at 11:00 pm #45117
    imported_fulvio
    Participant

    Ok, l7-filter is available in the release 1.0.beta4.

    March 27, 2007 at 1:50 am #45118
    kwag
    Member

    @stasi88 wrote:

    Regards P2P and IM , I am interested solely in run zeroshell as a transparent bridge and blocking P2P and IM. Obviously L7 is needed to classify and block IM traffic. But will this simple blocking function be available even if it means manually making iptables entries?

    Hi,

    I would also like to know if this is possible.
    I can see that I can control bandwidth down to 1Kb (can’t input zero).
    So I would like to know if there’s a way I can “Class” matching L7 rules to actually block (discard) the matching traffic, instead of actually “shaping” it.

    @Fluvio,
    You’ve done a hell of a great job on ZeroShell πŸ˜‰

    Thanks!,
    -Karl

    March 27, 2007 at 7:47 pm #45119
    imported_fulvio
    Participant

    If you want to drop a connection by using the L7-filter instead to shape it, you should not use the Classifier in the [QoS]->[Classifier] section, but the FORWARD chain in the [Firewall]->[Manage] section. The interface of the firewall is the same of the QoS Classifier’s interface and hence you will are able to set the l7-filter and select the DROP target.

    Regards
    Fulvio

    March 27, 2007 at 9:35 pm #45120
    kwag
    Member

    Thank you Fulvio ❗
    I was way off (QoS instead of Firewall section) πŸ˜†
    It’s now working like a charm 😎

    -Karl

  • Author
    Posts
Viewing 7 posts - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.