From Fedora Project Wiki
(New page: = Feature Name = <!-- --> * Layer 7 filter == Summary == <!-- --> * The L7-filter project has developed patches for the kernel and iptables as well as a collection of pattern files in ord...)
 
m (Removing QA category)
 
(One intermediate revision by one other user not shown)
Line 57: Line 57:


== Comments and Discussion ==
== Comments and Discussion ==
* See [[Talk:Features/YourFeatureName]]  <!-- This adds a link to the "discussion" tab associated with your page.  This provides the ability to have ongoing comments or conversation without bogging down the main feature page -->
* See [[Talk:Features/Layer7Filter]]  <!-- This adds a link to the "discussion" tab associated with your page.  This provides the ability to have ongoing comments or conversation without bogging down the main feature page -->




Line 66: Line 66:
<!-- A pretty picture of the page category usage is at: https://fedoraproject.org/wiki/Features/Policy/Process -->
<!-- A pretty picture of the page category usage is at: https://fedoraproject.org/wiki/Features/Policy/Process -->


[[Category:Features needing QA approval]]
 
<!-- Note that the current Feature guidelines require useful Scope and Test Plans at certain milestones; QA is responsible for checking these, and will change this category as needed. -->
<!-- Note that the current Feature guidelines require useful Scope and Test Plans at certain milestones; QA is responsible for checking these, and will change this category as needed. -->

Latest revision as of 17:35, 17 April 2009

Feature Name

  • Layer 7 filter

Summary

  • The L7-filter project has developed patches for the kernel and iptables as well as a collection of pattern files in order to support the analysis and filtering of Layer 7 protocols. By incorporating these patches and pattern files into Fedora, a much broader base of users would have access to Layer 7 features for purposes such as Quality of Service and Security.

Owner

  • email: <bugzilla at alkira dot com>

Current status

  • Targeted release: Fedora 12
  • Last updated: 10 April 2009
  • Percentage of completion: 0%


Detailed Description

Benefit to Fedora

  • Adding Layer 7 functionality into Fedora is in line with Fedora's strong focus on security and performance. Layer 7 filtering would provide the ability to analyze, filter and prioritize data traffic based on its protocol and extend the capabilities of the iptables firewall beyond layer 3.

Scope

Scope would most likely involve extensive testing of the i7-filter kernel and iptables patches to ensure they conform to the Fedora quality standards.

How To Test

  • TBA by kernel experts. I can do testing from a sys admin perspective.

User Experience

Features would be immediately accessible via command line. However Fedora GUI tools such as the Firewall setup tool would need to be updated to support the new Layer 7 options.

Dependencies

Contingency Plan

  • Any user wanting layer 7 filtering capabilities would need to apply kernel and iptables patches.

Documentation

Release Notes

Comments and Discussion