February 24, 2005

Application Layer Packet Classifier for Linux

Application Layer Packet Classifier for Linux is a classifier for the Linux kernel's Netfilter subsystem
that identifies packets based on application layer data (OSI layer 7).

Installation instructions
1. Patch the kernel (both 2.4 and 2.6 are supported) and build the new kernel
2. Patch iptables, build the new iptables, then cp extensions/libipt_layer7.so /usr/local/lib/iptables

iptables command example:
iptables -A FORWARD -m layer7 --l7proto msnmessenger -j DROP

I tested the Skype pattern; it did not work.
I wrote a SoftEther pattern (for 1.0 or 2.0) as follows.
# SoftEther http://www.softether.com
#
# Pattern quality: marginal
#
# By Henry Pan
#
# SoftEther 1.0 ^802f0103010006000000200000040100
# SoftEther 2.0 certification.*softether vpn server
#
softether
^\x80\x2f\x01\x03\x01\x00\x06\x00\x00\x00|certification.*softether vpn server
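
An offline check of the pattern above against sample payloads, as an added example that is not part of the original post. Assumptions: Python's re stands in for the classifier's regex engine, matching is case-insensitive, and the optional kernel_like mode models a classifier that drops NUL bytes and lower-cases data before matching; the function names and sample payloads are constructed for illustration.

```python
import re

# Pattern file text as posted above (leading comments shortened).
PAT_FILE = r"""# SoftEther http://www.softether.com
# Pattern quality: marginal
softether
^\x80\x2f\x01\x03\x01\x00\x06\x00\x00\x00|certification.*softether vpn server
"""

def parse_pat(text):
    """Return (protocol_name, regex_source): the two lines that are
    neither blank nor '#' comments."""
    body = [ln for ln in text.splitlines()
            if ln.strip() and not ln.startswith("#")]
    if len(body) != 2:
        raise ValueError("expected one name line and one regex line")
    return body[0].strip(), body[1]

def normalize(payload):
    """ASSUMPTION: model of kernel-side preprocessing (drop NUL bytes,
    lower-case ASCII). Not taken from the post."""
    return payload.replace(b"\x00", b"").lower()

def classify(pat_text, payload, kernel_like=False):
    """Return the protocol name if the pattern matches, else None."""
    name, source = parse_pat(pat_text)
    # ASSUMPTION: Python's re stands in for the classifier's regex engine.
    regex = re.compile(source.encode("latin-1"), re.IGNORECASE)
    data = normalize(payload) if kernel_like else payload
    return name if regex.search(data) else None

# Constructed sample payloads (not captured traffic).
SAMPLES = {
    # Bytes copied from the "SoftEther 1.0" comment line in the post.
    "softether-1.0": bytes.fromhex("802f0103010006000000200000040100"),
    # Constructed string containing the phrases the 2.0 branch looks for.
    "softether-2.0": b"Certification Authority: SoftEther VPN Server",
    "plain-http": b"GET / HTTP/1.1 Host: example.test",
}

if __name__ == "__main__":
    for label, payload in SAMPLES.items():
        print(label, classify(PAT_FILE, payload),
              classify(PAT_FILE, payload, kernel_like=True))
```

The 1.0 branch matches the raw bytes but not their NUL-stripped form, so under that assumption only the 2.0 branch would classify traffic.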

Posted by pank at February 24, 2005 12:15 AM
Comments

L7-filter is also a tool that can manage OSI layer 7; I haven't tried it yet, but it seems pretty good.
L7-filter installation notes
http://cha.homeip.net/blog/archives/2005/12/l7filter.html

Posted by: ray at December 5, 2006 02:15 PM