L7 filter?

Home Page Forums Network Management ZeroShell L7 filter?

This topic contains 5 replies, has 0 voices, and was last updated by  stasi88 12 years ago.

Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • #40550

    stasi88
    Member

    Hi,

    I see you have IPP2P for control of P2P traffic which is good, but will you be adding the L7 filter stuff? http://l7-filter.sourceforge.net/ so that other applications can be controlled such as IM apps like messenger and yahoo IM? also L7 support apps like Citrix which gives more flexibility.

    regards

    Peter

    #45115

    imported_fulvio
    Participant

    L7-filter will be available in the next release.
    They will be possible to use the in the firewall and in the QoS management.
    I don’t know L7 by Citrix. Is an Open Source software?

    Regards
    Fulvio

    #45116

    stasi88
    Member

    Hi Fulvio,

    OK thats good news, when will the next release be scheduled with L7 support? Also please ensure the patterns can easily be updated.

    Regards Citrix, what I meant was that L7 has support to classify more apps than IPP2P , example was Citrix. Sorry for the misunderstanding.

    Regards P2P and IM , I am interested solely in run zeroshell as a transparent bridge and blocking P2P and IM. Obviously L7 is needed to classify and block IM traffic. But will this simple blocking function be available even if it means manually making iptables entries?

    regards
    Peter

    #45117

    imported_fulvio
    Participant

    Ok, l7-filter is available in the release 1.0.beta4.

    #45118

    kwag
    Member

    @stasi88 wrote:

    Regards P2P and IM , I am interested solely in run zeroshell as a transparent bridge and blocking P2P and IM. Obviously L7 is needed to classify and block IM traffic. But will this simple blocking function be available even if it means manually making iptables entries?

    Hi,

    I would also like to know if this is possible.
    I can see that I can control bandwidth down to 1Kb (can’t input zero).
    So I would like to know if there’s a way I can “Class” matching L7 rules to actually block (discard) the matching traffic, instead of actually “shaping” it.

    @Fluvio,
    You’ve done a hell of a great job on ZeroShell 😉

    Thanks!,
    -Karl

    #45119

    imported_fulvio
    Participant

    If you want to drop a connection by using the L7-filter instead to shape it, you should not use the Classifier in the [QoS]->[Classifier] section, but the FORWARD chain in the [Firewall]->[Manage] section. The interface of the firewall is the same of the QoS Classifier’s interface and hence you will are able to set the l7-filter and select the DROP target.

    Regards
    Fulvio

    #45120

    kwag
    Member

    Thank you Fulvio ❗
    I was way off (QoS instead of Firewall section) 😆
    It’s now working like a charm 😎

    -Karl

Viewing 7 posts - 1 through 7 (of 7 total)

You must be logged in to reply to this topic.