› Forums › Network Management › ZeroShell › L7 filter?
- This topic is empty.
-
AuthorPosts
-
February 5, 2007 at 10:09 pm #40550
stasi88
MemberHi,
I see you have IPP2P for control of P2P traffic which is good, but will you be adding the L7 filter stuff? http://l7-filter.sourceforge.net/ so that other applications can be controlled such as IM apps like messenger and yahoo IM? also L7 support apps like Citrix which gives more flexibility.
regards
Peter
February 5, 2007 at 10:23 pm #45115imported_fulvio
ParticipantL7-filter will be available in the next release.
They will be possible to use the in the firewall and in the QoS management.
I don’t know L7 by Citrix. Is an Open Source software?Regards
FulvioFebruary 6, 2007 at 7:01 pm #45116stasi88
MemberHi Fulvio,
OK thats good news, when will the next release be scheduled with L7 support? Also please ensure the patterns can easily be updated.
Regards Citrix, what I meant was that L7 has support to classify more apps than IPP2P , example was Citrix. Sorry for the misunderstanding.
Regards P2P and IM , I am interested solely in run zeroshell as a transparent bridge and blocking P2P and IM. Obviously L7 is needed to classify and block IM traffic. But will this simple blocking function be available even if it means manually making iptables entries?
regards
PeterFebruary 19, 2007 at 11:00 pm #45117imported_fulvio
ParticipantOk, l7-filter is available in the release 1.0.beta4.
March 27, 2007 at 1:50 am #45118kwag
Member@stasi88 wrote:
Regards P2P and IM , I am interested solely in run zeroshell as a transparent bridge and blocking P2P and IM. Obviously L7 is needed to classify and block IM traffic. But will this simple blocking function be available even if it means manually making iptables entries?
Hi,
I would also like to know if this is possible.
I can see that I can control bandwidth down to 1Kb (can’t input zero).
So I would like to know if there’s a way I can “Class” matching L7 rules to actually block (discard) the matching traffic, instead of actually “shaping” it.@Fluvio,
You’ve done a hell of a great job on ZeroShell πThanks!,
-KarlMarch 27, 2007 at 7:47 pm #45119imported_fulvio
ParticipantIf you want to drop a connection by using the L7-filter instead to shape it, you should not use the Classifier in the [QoS]->[Classifier] section, but the FORWARD chain in the [Firewall]->[Manage] section. The interface of the firewall is the same of the QoS Classifier’s interface and hence you will are able to set the l7-filter and select the DROP target.
Regards
FulvioMarch 27, 2007 at 9:35 pm #45120kwag
MemberThank you Fulvio β
I was way off (QoS instead of Firewall section) π
It’s now working like a charm π-Karl
-
AuthorPosts
- You must be logged in to reply to this topic.