How Does L7-filter Work?

What L7-filter does is provide a way for iptables to match packets based on the application they belong to.

The TCP/IP model contains four layers and, before the L7-filter project, netfilter could match data by the first three layers:

  • Network access layer: iptables -A CHAIN -m mac --mac-source MAC_ADDRESS
  • Internet: iptables -A CHAIN -s IP_ADDRESS
  • Transport: iptables -A CHAIN -p tcp --dport 80

At the network access layer, netfilter uses -m mac to match packets from or to a MAC address in the network. At the layer above, the Internet layer, we have the IP protocol; netfilter matches packets from or to an IP address, regardless of the transport protocol, port number, or application the packet uses. At the transport layer, we have TCP ...
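A layer-by-layer illustration of the matching described above, added here and not taken from the book or the L7-filter project: the first three checks mirror the iptables options listed, and the application-layer step assumes a simplified model of l7-filter's method (a regular expression run over the payload accumulated from a connection's first few packets), with the patterns, packet limit and sample flows constructed for the example.

```python
import re
from dataclasses import dataclass
from typing import List, Optional
# Constructed, simplified patterns in the spirit of l7-filter's protocol
# definitions (assumption: these are not the project's real .pat files).
L7_PATTERNS = {
    "http": re.compile(rb"^(get|post|head|put|delete|options) \S+ http/1\.[01]", re.I),
    "ssh": re.compile(rb"^ssh-[12]\.[0-9]", re.I),
}
MAX_PACKETS = 10  # assumed limit: only a flow's first few packets are inspected
@dataclass
class Packet:
    src_mac: str
    src_ip: str
    proto: str
    dport: int
    payload: bytes = b""

@dataclass
class Flow:  # per-connection state, as connection tracking keeps it
    packets: int = 0
    data: bytes = b""
    app: Optional[str] = None

def l2_match(pkt, mac):           # network access layer: -m mac --mac-source
    return pkt.src_mac.lower() == mac.lower()
def l3_match(pkt, ip):            # Internet layer: -s IP_ADDRESS
    return pkt.src_ip == ip
def l4_match(pkt, proto, dport):  # transport layer: -p tcp --dport 80
    return pkt.proto == proto and pkt.dport == dport

def l7_classify(flow: Flow, pkt: Packet) -> Optional[str]:
    # Application layer: regex over accumulated early payload (port is irrelevant)
    if flow.app is None and flow.packets < MAX_PACKETS:
        flow.packets += 1
        flow.data += pkt.payload
        for name, pat in L7_PATTERNS.items():
            if pat.search(flow.data):
                flow.app = name
                break
    return flow.app
def classify_stream(packets: List[Packet]) -> Optional[str]:
    flow = Flow()
    for p in packets:
        l7_classify(flow, p)
    return flow.app
# Constructed sample flows: HTTP split over two packets on port 8080; SSH on port 80.
HTTP_ON_8080 = [Packet("aa:bb:cc:dd:ee:ff", "10.0.0.5", "tcp", 8080, b"GET /index.html"),
                Packet("aa:bb:cc:dd:ee:ff", "10.0.0.5", "tcp", 8080, b" HTTP/1.1\r\n")]
SSH_ON_80 = [Packet("aa:bb:cc:dd:ee:ff", "10.0.0.5", "tcp", 80, b"SSH-2.0-OpenSSH_8.9\r\n")]
```

A port-based rule such as `--dport 80` accepts the SSH flow and misses the HTTP one, while the application-layer step classifies both by their payload.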

Get Designing and Implementing Linux Firewalls and QoS using netfilter, iproute2, NAT, and L7-filter now with the O’Reilly learning platform.
