- Layer 7 filter
- The L7-filter project has developed patches for the kernel and iptables as well as a collection of pattern files in order to support the analysis and filtering of Layer 7 protocols. By incorporating these patches and pattern files into Fedora, a much broader base of users would have access to Layer 7 features for purposes such as Quality of Service and Security.
- Name: David Cartwright
- email: <bugzilla at alkira dot com>
- Targeted release: Fedora 12
- Last updated: 10 April 2009
- Percentage of completion: 0%
- The L7-filter project home page is at http://l7-filter.sourceforge.net/.
Benefit to Fedora
- Adding Layer 7 functionality into Fedora is in line with Fedora's strong focus on security and performance. Layer 7 filtering would provide the ability to analyze, filter and prioritize data traffic based on its protocol and extend the capabilities of the iptables firewall beyond layer 3.
Scope would most likely involve extensive testing of the i7-filter kernel and iptables patches to ensure they conform to the Fedora quality standards.
How To Test
- TBA by kernel experts. I can do testing from a sys admin perspective.
Features would be immediately accessible via command line. However Fedora GUI tools such as the Firewall setup tool would need to be updated to support the new Layer 7 options.
- Any user wanting layer 7 filtering capabilities would need to apply kernel and iptables patches.
- L7-filter project home page: http://l7-filter.sourceforge.net/.
Comments and Discussion