Date: Sat, 31 May 2003 17:40:53 +0100

On Saturday 31 May 2003 16:35, Stef Coene wrote:
> Hi,
>
> Layer 7 filtering was a topic on slashdot!
> http://slashdot.org/article.pl?sid=03/05/30/180224&mode=thread&tid=106&tid=185
>
> After reading some slashdot comments, I downloaded the source. And I have
> some comments on it. I think these comments also belong on the FAQ page
> of the layer 7 filtering page.
>
> First of all, this is not a packet filter, it's a connection filter. So
> once a connection is classified as http, all following packets belonging to
> that connection are classified as http. I just wonder if it also works for
> ftp traffic with separate command and data connections.

Which was exactly what I wanted, but then I opened the page and saw it's only for 2.5 kernels. I'm not about to put a 2.5 kernel in my router.

I doubt it works for protocols like FTP, as it uses regular expressions to identify the protocol, much like a virus program. The data connection of FTP might not have any identifying data... A good way of doing that would be a plugin system, in which such plugins could interpret the protocol.

Maybe some kind soul will backport it to 2.4 so I can test it :)
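
The point discussed in this thread, as an added example that is not part of the original messages and is not the layer 7 filter's own code: a connection-level classifier that labels a connection from a regex match and keeps that label for later packets, with an optional protocol "plugin" that reads the FTP control channel so the data connection can be labelled too. The patterns, the `ConnTracker` class, the `ftp-data` label and all addresses are constructed assumptions.

```python
import re

# Constructed signatures in the style of regex-based protocol matching
PATTERNS = {
    "http": re.compile(rb"^(GET|POST|HEAD) \S+ HTTP/1\.[01]\r\n"),
    "ftp": re.compile(rb"^220[ -].*ftp", re.I),
}
# FTP passive-mode reply: 227 ... (h1,h2,h3,h4,p1,p2)
PASV = re.compile(rb"^227 .*\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")

class ConnTracker:
    def __init__(self, use_helper):
        self.use_helper = use_helper
        self.labels = {}    # connection 4-tuple -> protocol label
        self.expected = {}  # (server_ip, server_port) -> label announced by a plugin

    def packet(self, conn, payload):
        """conn = (client_ip, client_port, server_ip, server_port)."""
        label = self.labels.get(conn)
        if label is None:
            # A connection announced on a control channel needs no payload match.
            label = self.expected.pop(conn[2:], None)
            if label is None:
                label = next((n for n, rx in PATTERNS.items() if rx.search(payload)), None)
            if label:
                self.labels[conn] = label  # sticky: later packets inherit it
        if label == "ftp" and self.use_helper:
            self._ftp_plugin(payload)
        return label or "unknown"

    def _ftp_plugin(self, payload):
        # Interpret the protocol instead of pattern-matching the data stream.
        m = PASV.search(payload)
        if m:
            h = [int(x) for x in m.groups()]
            ip, port = ".".join(map(str, h[:4])), h[4] * 256 + h[5]
            self.expected[(ip, port)] = "ftp-data"

def demo(use_helper):
    t = ConnTracker(use_helper)
    web = ("10.0.0.5", 40001, "192.0.2.10", 80)
    ctl = ("10.0.0.5", 40002, "192.0.2.20", 21)
    data = ("10.0.0.5", 40003, "192.0.2.20", 50000)  # 195*256 + 80
    return [
        t.packet(web, b"GET / HTTP/1.1\r\nHost: example\r\n\r\n"),
        t.packet(web, b"\x89PNG\r\n\x1a\n"),  # body bytes, no signature
        t.packet(ctl, b"220 ProFTPD FTP server ready\r\n"),
        t.packet(ctl, b"227 Entering Passive Mode (192,0,2,20,195,80)\r\n"),
        t.packet(data, b"\x1f\x8b\x08\x00binary"),  # file contents only
    ]
```

Calling `demo(False)` leaves the FTP data connection as `unknown`, while `demo(True)` labels it `ftp-data`; the HTTP connection keeps its label on the second packet in both cases.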