[转载]Application Layer Packet Classifier for Linux
信息来源:l7-filter.sourceforge.net编者:里我只发个目录 如果大家喜欢请点连接进去看哦
[url]http://l7-filter.sourceforge.net/[/url]
General Information
This is a classifier for the Linux kernel's Netfilter subsystem that identifies packets based on application layer data (OSI layer 7). This means that it can classify packets as HTTP, FTP, Gnucleus, eDonkey2000, etc, regardless of port. Our classifier complements existing ones that match on address, port numbers and so on.
Our intent is for l7-filter to be used in conjunction with Linux QoS to do bandwith arbitration ("packet shaping").
For downloads, see our Sourceforge project page (but please read the HOWTO first).
Documentation
User docs
Using our patches is not an intuitive process. Please read the documentation before starting.
HOWTO
FAQ
List of supported protocols
Developer docs
Technical details
Protocols we would like to support
Guide for writing patterns to match protocols
Feature Overview
Patches for Linux 2.4 and 2.6
Support for TCP, UDP and ICMP over IPv4
Uses Netfilter's connection tracking of FTP, IRC, etc
Examines data across multiple packets
Number of packets examined tunable through /proc/net/layer7_numpackets
With the Netfilter helper match, can distinguish between parent (ex. ftp command) and child (ex. ftp data) connections
Gives access to both Netfilter (firewall) and QoS (rate limiting) features
Might be in the stock kernel, or at least patch-o-matic, some day
How can I help?
Read the developer documentation. Then you can:
Find bugs (and/or typos). Report and/or fix them.
Test our patterns and send us your results.
Write new patterns.
Do performance testing and send us your results.
Translate our documentation into other languages.
Write a front-end that makes traffic shaping easy.
Contact us
Questions, comments, submissions, praise, criticism? [email]l7-filter-developers@lists.sourceforge.net[/email]. (Join the list.) You can also e-mail Matthew Strait directly at "quadong AT users.sf.net", but posting to the list is prefered.
Alternatively, bug reports, requests for features, and patches may be submitted through our Sourceforge page.
Links
Netfilter documentation. Highly recommended reading.
QoS doesn't come with documentation. The Linux Advanced Routing & Traffic Control HOWTO project is the best attempt we have found to explain its mysteries. It still remains rather mysterious, unfortunate to say.
Similar projects:
Bandwidth Arbitrator for Linux
IPP2P - A Netfilter module that simply answers the question "Is this P2P?"
oofle.com
Credits
The original coders were Justin Levandoski, Ethan Sommer, and Matthew Strait, with support from Sebastian Celis, Andy Exley and Lillie Kittredge.
The primary maintainers are now Ethan Sommer and Matthew Strait.
Thanks also to:
Mike Auty (bug reporting)
Sebastien Bechet (patterns)
Laurens Blankers (patterns, bug reporting)
Franck Bouffard (patterns, bug reporting)
Vincent Deffontaines (French translation)
Ankit Desai (patterns)
Ben Efros (patterns)
Eicke Friedrich (IPP2P)
Joerg Hoh (Netfilter 2.4 backport)
Jan Judec (patterns)
Michael Leong (patterns)
Mike Mestnik (bug reporting)
Antid0t (bug reporting)
Stefano Papaleo (Italian translation)
Trevor Paskett (patterns)
Carlo Perassi (bug reporting)
Tomas Potok (Slovak translation)
Art Reisman (bandwidtharbitrator)
Goli SriSairam (patterns)
Falstaf/Magnus Ternstr
页:
[1]