* Question on Layer 7 filtering
@ 2006-09-07 20:34 Maxime Ducharme
0 siblings, 0 replies; 4+ messages in thread
From: Maxime Ducharme @ 2006-09-07 20:34 UTC (permalink / raw)
To: netfilter
Hello ppl
anyone have experience with http://l7-filter.sourceforge.net/ ?
We are currently looking for a way to add more security
with linux based solutions (Layer 7 filtering would be very nice)
We are ready to develop some parts if needed (i mean we dont want
to buy "all-set" linux solutions)
example of what we'd like to block :
- good ol' codered/nimba/slammer attacks
- sql injections
- XSS
- ...
TIA
Maxime Ducharme
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Question on Layer 7 filtering
[not found] <20060907203617.8258434DAA@mail.caf.com.tr>
@ 2006-09-08 5:18 ` Eray Aslan
0 siblings, 0 replies; 4+ messages in thread
From: Eray Aslan @ 2006-09-08 5:18 UTC (permalink / raw)
To: netfilter
On Thu, September 7, 2006 11:34 pm, Maxime Ducharme wrote:
>
> Hello ppl
>
> anyone have experience with http://l7-filter.sourceforge.net/ ?
>
> We are currently looking for a way to add more security
> with linux based solutions (Layer 7 filtering would be very nice)
>
> We are ready to develop some parts if needed (i mean we dont want
> to buy "all-set" linux solutions)
[snip]
Works for us with both 2.6.16 and 2.6.17 kernels. We use it for traffic
shaping, mainly for skype.
--
Eray
^ permalink raw reply [flat|nested] 4+ messages in thread
* RE: Question on Layer 7 filtering
@ 2006-09-12 17:47 Maxime Ducharme
0 siblings, 0 replies; 4+ messages in thread
From: Maxime Ducharme @ 2006-09-12 17:47 UTC (permalink / raw)
To: netfilter
Sorry my question was not in the email,
is there any equivalent for l7 filtering under iptables ?
TIA
Maxime Ducharme
-----Message d'origine-----
De : netfilter-bounces@lists.netfilter.org
[mailto:netfilter-bounces@lists.netfilter.org] De la part de Maxime Ducharme
Envoyé : 7 septembre, 2006 16:34
À : netfilter@lists.netfilter.org
Objet : Question on Layer 7 filtering
Hello ppl
anyone have experience with http://l7-filter.sourceforge.net/ ?
We are currently looking for a way to add more security
with linux based solutions (Layer 7 filtering would be very nice)
We are ready to develop some parts if needed (i mean we dont want
to buy "all-set" linux solutions)
example of what we'd like to block :
- good ol' codered/nimba/slammer attacks
- sql injections
- XSS
- ...
TIA
Maxime Ducharme
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Question on Layer 7 filtering
[not found] <20060914060407.03444B543@mail.kisise>
@ 2006-09-19 7:54 ` Aleksander
0 siblings, 0 replies; 4+ messages in thread
From: Aleksander @ 2006-09-19 7:54 UTC (permalink / raw)
To: netfilter
Maxime Ducharme wrote:
> Sorry my question was not in the email,
> is there any equivalent for l7 filtering under iptables ?
Layer7 is for iptables.
iptables -t filter -A FORWARD -m layer7 --l7proto yourproto -j DROP
HTH,
Alex
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2006-09-19 7:54 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <20060914060407.03444B543@mail.kisise>
2006-09-19 7:54 ` Question on Layer 7 filtering Aleksander
2006-09-12 17:47 Maxime Ducharme
[not found] <20060907203617.8258434DAA@mail.caf.com.tr>
2006-09-08 5:18 ` Eray Aslan
-- strict thread matches above, loose matches on Subject: below --
2006-09-07 20:34 Maxime Ducharme
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox