On Sun, 2012-10-28 at 16:57 +0200, Eliezer Croitoru wrote: > > I have to admit that I only had limited success with l7-filter, although > > it no longer appears to be maintained anyway. > > > What would you want to achieve from a using l7 iptables? > filtering? scheduling? At the time I was using it to do traffic shaping, to prevent p2p applications overloading a network with low bandwidth internet connection. The problem was that it only needed one p2p application to not be identified for the network to be overloaded. So in the end I took a rather rudimentary approach and just identified any client making lots of connections to ports above 1024: http://www.andybev.com/index.php/Fair_traffic_shaping_an_ADSL_line_for_a_local_network_using_Linux Andy -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
