Layer-7 Packet Classifier for Linux is a packet classifier for Netfilter that identifies packets based on application layer (OSI layer 7) data. This means that it is able to classify packets as HTTP, FTP, Gnucleus, Kazaa, etc., regardless of ports.
It complements existing matches that classify based on port numbers, packet length, TOS bits, and so on. Combined with Linux QoS, it allows for full layer 7 packet shaping.
Here are some key features of "Layer-7 Packet Classifier for Linux":
· Patches for Linux 2.4 and 2.6
· Support for TCP, UDP and ICMP over IPv4
· Uses Netfilter's connection tracking of FTP, IRC, etc
· Examines data across multiple packets
· Number of packets examined tunable on the fly through /proc
· Number of bytes examined tunable at module load time
· Distinguishes between new connections (those still being tested) and old unidentified connections
· Gives access to both Netfilter and QoS (rate limiting) features
· With the Netfilter "helper" match, you can distinguish between parent and child connections (e.g. ftp command/data)
· Layer-7 Packet Classifier for Linux
What's New in This Release: [ read full changelog ]
· Improved sip.
· Removed incorrect comment from unset.
· Made standard number of iterations in test suite 100000 instead of 10000.
· Reran benchmarks on my new hardware, adjusted boundaries and recategorized patterns accordingly: 23 patterns were bumped one category slower for the kernel version and 3 (non-overlapping) patterns were bumped one category faster for the userspace version.