Joel Merrick wrote: > On Thu, 2005-08-18 at 23:07 +0200, Vidar Tyldum Hansen wrote: > >>Preston Kutzner wrote: >> >>>I'm currently setting up a firewall using TSL 3.0, Shorewall 1.5.0 and >>>WonderShaper. I'm curious as to whether or not the Trustix kernel >>>includes the HTP qdisc, or will I have to compile my own kernel to get >>>it? Thanks. >> >>If by 'HTP' you mean 'HTB', then TSL3 got it by > > > Good 'ole Hierarchical Token Bucket. > > The area of interest for me would be Layer 7 protocol filtering with CBQ > etc.. > > It's a nice kernel and IPtables patch, where the application layer data > is inspected and a regex conducted on a chain of packets in a given > connection.. the regexp lets you find out what the actual content of the > payload is and lets you define a MARK for relevant iptables > filtering/throttling/mangling or whatever > > Has anyone tried this yet? http://l7-filter.sf.net
Not customly, but it's in action on my Linksys router at home. I'm very pleased with the QoS capabilities. Even when the SHDSL is maxed out with BitTorrent traffic I get decent latency in games. But it just struck me that I bet the reason TSL no longer ships a -firewall kernel is because they have competing non-free products. It would rock to have a TSL with L7-filter, IMQ and a neat bunch of patches from patch-o-matic. In a jiffy you could turn the old gateway into a real ISP and shape the traffic like a pro. Sadly I lack the time to maintain such a beast, or else I'd do it.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tsl-discuss mailing list [EMAIL PROTECTED] http://lists.trustix.org/mailman/listinfo/tsl-discuss
