Features/Layer7Filter

= Feature Name =


 * Layer 7 filter

Summary

 * The L7-filter project has developed patches for the kernel and iptables as well as a collection of pattern files in order to support the analysis and filtering of Layer 7 protocols. By incorporating these patches and pattern files into Fedora, a much broader base of users would have access to Layer 7 features for purposes such as Quality of Service and Security.

Owner

 * Name: David Cartwright


 * email:

Current status

 * Targeted release:
 * Last updated: 10 April 2009
 * Percentage of completion: 0%

Detailed Description

 * The L7-filter project home page is at http://l7-filter.sourceforge.net/.

Benefit to Fedora

 * Adding Layer 7 functionality into Fedora is in line with Fedora's strong focus on security and performance. Layer 7 filtering would provide the ability to analyze, filter and prioritize data traffic based on its protocol and extend the capabilities of the iptables firewall beyond layer 3.

Scope
Scope would most likely involve extensive testing of the i7-filter kernel and iptables patches to ensure they conform to the Fedora quality standards.

How To Test

 * TBA by kernel experts. I can do testing from a sys admin perspective.

User Experience
Features would be immediately accessible via command line. However Fedora GUI tools such as the Firewall setup tool would need to be updated to support the new Layer 7 options.

Contingency Plan

 * Any user wanting layer 7 filtering capabilities would need to apply kernel and iptables patches.

Documentation

 * L7-filter project home page: http://l7-filter.sourceforge.net/.

Comments and Discussion

 * See Talk:Features/Layer7Filter