L7-filter
Encyclopedia
l7-filter is a software package which provides a classifier for Linux's Netfilter subsystem which can categorize Internet Protocol
packets based on their application layer
data. The major goal of this tool is to make possible the identification of peer-to-peer
programs, which use unpredictable port numbers. There are two versions for this software. the first is implemented as a kernel module for Linux 2.4 and 2.6. The second experimental version was released in December 2006 which runs as a user-space program and relies on netfiler's user-space libraries for the classification process.
Both versions of l7-filter use regular expression
s (though the user-space and kernel modules use different regular expression libraries) to identify the network protocol. This technique, used in conjunction with Linux's QoS
system, allows application specific yet port-independent traffic shaping.
All versions of l7-filter have been released under the GNU General Public License
.
Internet Protocol
The Internet Protocol is the principal communications protocol used for relaying datagrams across an internetwork using the Internet Protocol Suite...
packets based on their application layer
Application layer
The Internet protocol suite and the Open Systems Interconnection model of computer networking each specify a group of protocols and methods identified by the name application layer....
data. The major goal of this tool is to make possible the identification of peer-to-peer
Peer-to-peer
Peer-to-peer computing or networking is a distributed application architecture that partitions tasks or workloads among peers. Peers are equally privileged, equipotent participants in the application...
programs, which use unpredictable port numbers. There are two versions for this software. the first is implemented as a kernel module for Linux 2.4 and 2.6. The second experimental version was released in December 2006 which runs as a user-space program and relies on netfiler's user-space libraries for the classification process.
Both versions of l7-filter use regular expression
Regular expression
In computing, a regular expression provides a concise and flexible means for "matching" strings of text, such as particular characters, words, or patterns of characters. Abbreviations for "regular expression" include "regex" and "regexp"...
s (though the user-space and kernel modules use different regular expression libraries) to identify the network protocol. This technique, used in conjunction with Linux's QoS
Quality of service
The quality of service refers to several related aspects of telephony and computer networks that allow the transport of traffic with special requirements...
system, allows application specific yet port-independent traffic shaping.
All versions of l7-filter have been released under the GNU General Public License
GNU General Public License
The GNU General Public License is the most widely used free software license, originally written by Richard Stallman for the GNU Project....
.