Hi i have seen your post in news group that layer 7 filtering can be used with TC iam trying to deploy layer 7 in RH 9.0 which got a kernel of 2.4.20 i have upgraded to 2.4.20-19 now but the Layer 7 available for only 2.5 and above how can i use this patch for 2.4.20-19 does any one have clue for the same or any other Patch i can get to deploy with 2.4.20 help will be appreciate hare _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
I found some time ago that the u32 classifier can read any part of a packet - header and/or data section using the byte offset facility and action on match. If I understand correct, the Layer 7 filter patch does the same as P2P applications use the same ports as many other services but the payload is different. The filter has payload patterns that it searches for to identify the application. Maybe the Layer 7 filter patch searches without byte offset - meaning a substring kind of search and uses the boolean outcome for action trigger. Can this be then done using the u32 filter itself? Mohan -----Original Message----- From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl]On Behalf Of hare ram Sent: Monday, July 28, 2003 12:56 PM To: lartc@mailman.ds9a.nl Subject: [LARTC] help on Layer 7 with TC Hi i have seen your post in news group that layer 7 filtering can be used with TC iam trying to deploy layer 7 in RH 9.0 which got a kernel of 2.4.20 i have upgraded to 2.4.20-19 now but the Layer 7 available for only 2.5 and above how can i use this patch for 2.4.20-19 does any one have clue for the same or any other Patch i can get to deploy with 2.4.20 help will be appreciate hare _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
On Monday 28 July 2003 17:16, S Mohan wrote:> I found some time ago that the u32 classifier can read any part of a > packet - header and/or data section using the byte offset facility and > action on match. If I understand correct, the Layer 7 filter patch does the > same as P2P applications use the same ports as many other services but the > payload is different. The filter has payload patterns that it searches for > to identify the application. Maybe the Layer 7 filter patch searches > without byte offset - meaning a substring kind of search and uses the > boolean outcome for action trigger. Can this be then done using the u32 > filter itself?Yes and no. It can maybe be done, but the l7 fitlering has a /proc interface to update the patterns. You can also use iptables to search for patterns and mark the packets. But the l7 filter is smart. It only examines the first 7 packets of a connection to find out the type. The other packets are considered as data. This can be done because it can get the conntrack information from the kernel, so it knows which packets belongs to which connection. Stef -- stef.coene@docum.org "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.oftc.net _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/