l7-filter
l7-filter is a software package that provides a classifier for Linux's Netfilter subsystem which can categorize Internet Protocol packets based on their application layer data.[1] The primary goal of this tool is to enable the identification of peer-to-peer programs, which use unpredictable port numbers. There are two versions of this software. The first is implemented as a kernel module for Linux 2.4 and 2.6. The second experimental version was released in December 2006 and runs as a user-space program, relying on netfilter's user-space libraries for the classification process.
Both versions of l7-filter use regular expressions (though the user-space and kernel modules use different regular expression libraries) to identify the network protocol.[2] This technique, used in conjunction with Linux's QoS system, allows application-specific yet port-independent traffic shaping.
All versions of l7-filter have been released under the GNU General Public License.
In December 2017, l7-filter was retired and replaced by the open source Netify Agent.[3]
References
- ↑ Gheorghe, Lucian (2006). Designing and Implementing Linux Firewalls with QoS Using Netfilter, Iproute2, NAT and L7-filter. Packt Publishing Ltd. pp. Chapter 5. ISBN 978-1-84719-051-2. Search this book on
- ↑ Chen, Yan; Dimitriou, Tassos D.; Zhou, Jianying (2009). Security and Privacy in Communication Networks: 5th International ICST Conference, SecureComm 2009, Athens, Greece, September 14-18, 2009, Revised Selected Papers. Springer. p. 195. ISBN 978-3-642-05284-2. Search this book on
- ↑ "A fond farewell to l7-filter". L7-Filter Home Page. Archived from the original on 2020-06-25. Retrieved 2020-05-26.
External links
- l7-filter's website Archived 2012-10-30 at the Wayback Machine
 | This Linux-related article is a stub. You can help EverybodyWiki by expanding it. |
