North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
RE: QoS for ADSL customers
On Tue, 6 Dec 2005, Ejay Hire wrote:
These are "action" modules - they receive the data when it matchesThere are quite a few modules for iptables that will reach up to Layer 7, including several specifically for file sharing applications... And one really nifty one that makes non-passive ftp work through NAT.
particular netfilter rules and then do something in place where you
could have accept or reject. But for L7 filtering you need module
that can be used in place of "source" or "destination" rules. Yes
it is possible to build those with linux (like ipset - see ipset.netfilter.org - its pretty cool), but I've not seen ones for
L7 classification - at least not public open source ...
The place to find more about iptable is http://www.netfilter.org
For iptables it is http://ebtables.sourceforge.net (this one you
need only if you're building custom linux bridge).