http://blog.extremepattern.com/articles/2006/08/29/linux-layer-7-filter en-us 40 enjoy <h3> the L7-Filter is different from the L7-Switch</h3> <p>過濾器不是交換器?</p> <p>這個 netfilter 延伸模組可以新增 pattern 根據 <span class="caps">URL</span> 來貼標籤。但是貼了之後要做 redirect 不是很容易，主要是來不及改的問題，引述自 Linux Layer 7 <span class="caps">FAQ</span> :</p> <pre> L7-filter can't possibly identifiy what protocol a connection is using until it sees a packet with data in it. </pre> <p>要拆來看要爬到第四層以上，redirect 牽涉到第三層的問題，到了第四層要改第三層已經遲了，除非是 <span class="caps">UDP</span> 比較適用。</p> <pre> For TCP, this is the third packet, far too late to start redirecting anything. For UDP, it could work, providing that l7-filter gets enough data in the first packet to make a decision. </pre> <p>參考 <a href="http://l7-filter.sourceforge.net/layer7-protocols/protocols/http.pat">Http Pattern</a> 可以看到語法。</p> <h3> links</h3> <p><a href="http://l7-filter.sourceforge.net/">l7-filter</a></p> <p><a href="http://cha.homeip.net/blog/archives/2006/01/netfilter_exten.html">Jamyy weblog</a></p> <p><a href="http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/index.html"><span class="caps">LVS</span>-HOWTO</a></p> <p><a href="http://phorum.vbird.org/viewtopic.php?t=18108" lang="分享">打造 Linux 具有 L7-Filter Function?</a></p> <p><a href="http://www.pczone.com.tw/vbb3/showthread.php?t=119007" title=" kernel 2.6.14">【教學】Linux Layer 7 Netfilter <span class="caps">QOS</span> 實作成功紀錄</a></p> <p><a href="http://www.pczone.com.tw/vbb3/showthread.php?t=116666">Coyote Linux 頻寬管制 (QoS) 設定教學</a></p> <p><a href="http://www.pczone.com.tw/vbb3/showthread.php?t=110123">探討Qos頻寬管理器-解決塞車,搶頻寬,取代IP分享器</a></p> Tue, 29 Aug 2006 02:27:00 -0700 urn:uuid:aaaa4a85-bb13-42b8-88a1-511b1b85ced5 LIN http://blog.extremepattern.com/articles/2006/08/29/linux-layer-7-filter linux