L7-filter Applications

We can use L7-filter with any iptables option; after all, L7-filter provides just another match option. However, not all the things we can do with our new match option are recommended, because L7-filter might match packets belonging to other applications than the one you want.

Filtering Application Data

Blocking application data that passes through your router is one of the non-recommended things that you can do with L7-filter.

Traffic from different applications might look similar; so you might experience problems when dropping data based on the L7-filter match. For example, if you drop packets that belong to eDonkey, there might be some other protocols that will experience problems. The eDonkey pattern matches about 1% ...

Get Designing and Implementing Linux Firewalls and QoS using netfilter, iproute2, NAT, and L7-filter now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Designing and Implementing Linux Firewalls and QoS using netfilter, iproute2, NAT, and L7-filter by

L7-filter Applications

Filtering Application Data

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly