L7 compiled fine on Fedora Core 4 with kernel 2.6.12.6 with following
procedure:
1. patched kernel sources with ipp2p using patch-o-matic-ng
2. patched kernel with the patch file from l7
3. patched iptables-1.3.5 with l7
4. make/install iptables
5. make/install kernel
I had to adjust the destination directories for iptables to fit Fedora's
convention.
Best regards,
Arik
Jandre Olivier wrote:
I was just about to post the same post,
I currently use ipp2p and it works pretty well, It just doesnt seem to
track morpheous(fasttrack) protocols, otherwise it works pretty well. I
have quite alot of connections and havent seen any performance issues.
My next step is to add L7 as well with ipp2p to completely block/shape p2p.
However I find L7 bit more tricky than ipp2p to compile
Cannot comment on L7
J
Arik Raffael Funke wrote:
Hi,
can anybody comment on the cost of matching with IPP2P vs. Layer7.
Also, does a iptables rule with more complicated matching mechanism
also slow down processing if all the packets are matched before they
reach the rule. I.e. is the mere existence of a potentially costly
rule already slowing down processing or only if packets are actually
processed by it?
Thanks very much in advance.
Best regards,
Arik
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
