Layer 7 filtering
Alexander Dalloz
ad+lists at uni-x.org
Wed Jun 29 18:16:02 UTC 2005
Am Mi, den 29.06.2005 schrieb Ovidiu Lixandru um 20:09:
> I've got a RedHat Linux 9 router which provides net for a LAN via DNAT.
Sorry to say, but this is the wrong auditorium for Red Hat Linux 9
issues.
> On this machine I plan to use layer 7 filtering in order to get rid of
> some unwanted instant messaging and p2p protocols for some of the
> internal IP's. So far, I've found l7-filter which seems to provide what
> I need.
> I've rebuilt the iptables-1.2.9-2.3.1 srpm including the l7-filter patch
> and it worked nicely.
> The ugly part comes with the kernel (2.4.20-8). I've deployed the srpm
O man, that old kernel is long. long time obsolete and a no-go for a
firewalling router! Have a close look at the Fedora Legacy Project.
> At this point, I'm pondering whether to switch to a recent RHEL 2.6
> kernel and try patching that or get some other layer 7 filtering
> software which may work nicely with the RH 2.4.20 kernel (is there any
> other?).
Migrate to Fedora - then you are right here (or get RHEL or CentOS and
use their communication routes).
Alexander
--
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp
Serendipity 20:12:59 up 4 days, 3:05, load average: 0.10, 0.09, 0.09
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20050629/ca8036c4/attachment-0001.sig>
More information about the fedora-list
mailing list