From Fedora Project Wiki

Feature Name

  • Layer 7 filter

Summary

  • The L7-filter project has developed patches for the kernel and iptables as well as a collection of pattern files in order to support the analysis and filtering of Layer 7 protocols. By incorporating these patches and pattern files into Fedora, a much broader base of users would have access to Layer 7 features for purposes such as Quality of Service and Security.

Owner

  • email: <bugzilla at alkira dot com>

Current status

  • Targeted release: Fedora 12
  • Last updated: 10 April 2009
  • Percentage of completion: 0%


Detailed Description

Benefit to Fedora

  • Adding Layer 7 functionality into Fedora is in line with Fedora's strong focus on security and performance. Layer 7 filtering would provide the ability to analyze, filter and prioritize data traffic based on its protocol and extend the capabilities of the iptables firewall beyond layer 3.

Scope

Scope would most likely involve extensive testing of the i7-filter kernel and iptables patches to ensure they conform to the Fedora quality standards.

How To Test

  • TBA by kernel experts. I can do testing from a sys admin perspective.

User Experience

Features would be immediately accessible via command line. However Fedora GUI tools such as the Firewall setup tool would need to be updated to support the new Layer 7 options.

Dependencies

Contingency Plan

  • Any user wanting layer 7 filtering capabilities would need to apply kernel and iptables patches.

Documentation

Release Notes

Comments and Discussion