Ehlo, Vidar Tyldum Hansen writes:
> Joel Merrick wrote: >> On Thu, 2005-08-18 at 23:07 +0200, Vidar Tyldum Hansen wrote: >> >>>Preston Kutzner wrote: >>> >>>>I'm currently setting up a firewall using TSL 3.0, Shorewall 1.5.0 and >>>>WonderShaper. I'm curious as to whether or not the Trustix kernel >>>>includes the HTP qdisc, or will I have to compile my own kernel to get >>>>it? Thanks. >>> >>>If by 'HTP' you mean 'HTB', then TSL3 got it by >> >> >> Good 'ole Hierarchical Token Bucket. >> >> The area of interest for me would be Layer 7 protocol filtering with CBQ >> etc.. >> >> It's a nice kernel and IPtables patch, where the application layer data >> is inspected and a regex conducted on a chain of packets in a given >> connection.. the regexp lets you find out what the actual content of the >> payload is and lets you define a MARK for relevant iptables >> filtering/throttling/mangling or whatever >> >> Has anyone tried this yet? http://l7-filter.sf.net > > Not customly, but it's in action on my Linksys router at home. I'm very > pleased with the QoS capabilities. Even when the SHDSL is maxed out with > BitTorrent traffic I get decent latency in games. > > But it just struck me that I bet the reason TSL no longer ships a > -firewall kernel is because they have competing non-free products. i dont think so.. they have just merged all functionalities in one kernel... > > It would rock to have a TSL with L7-filter, IMQ and a neat bunch of > patches from patch-o-matic. In a jiffy you could turn the old gateway > into a real ISP and shape the traffic like a pro. > > Sadly I lack the time to maintain such a beast, or else I'd do it. and you'll get it.. i'll release it somewhere in the future.. with other networking related patch too.. and even if i lack the time too ill maintain it anyway.. cheers Fremen _______________________________________________ tsl-discuss mailing list [EMAIL PROTECTED] http://lists.trustix.org/mailman/listinfo/tsl-discuss
