Layer-7 Packet Classifier for Linux is a packet classifier for Netfilter that identifies packets based on application layer.

Layer-7 Packet Classifier for Linux is a packet classifier for Netfilter that identifies packets based on application layer (OSI layer 7) data. This means that it is able to classify packets as HTTP, FTP, Gnucleus, Kazaa, etc., regardless of ports.

It complements existing matches that classify based on port numbers, packet length, TOS bits, and so on. Combined with Linux QoS, it allows for full layer 7 packet shaping.

Here are some key features of "Layer 7 Packet Classifier for Linux":

· Patches for Linux 2.4 and 2.6
· Support for TCP, UDP and ICMP over IPv4
· Uses Netfilter's connection tracking of FTP, IRC, etc
· Examines data across multiple packets
· Number of packets examined tunable on the fly through /proc
· Number of bytes examined tunable at module load time
· Distinguishes between new connections (those still being tested) and old unidentified connections
· Gives access to both Netfilter and QoS (rate limiting) features
· With the Netfilter "helper" match, you can distinguish between parent and child connections (e.g. ftp command/data)

Requirements:

· Layer-7 Packet Classifier for Linux (Netfilter 2.4/2.6 patches branch)

What's New in This Release:

· Testing for random matches with test_match.sh and the kernel library was completely broken.
· It now actually works.
· Added includes to testing programs for gcc 4.3 compatibility.
· Updated qq.