User: staf

If you want more information ...

on Application Layer Packet Shaping on Linux

The layer 7 filtering is only a small part of a shaping setup. First of all, you need a htb or cbq setup. This changes the behaviour of the packets you send. You can create multiple cbq/htb classes. Each class can be seen as a seperate traffic channel that sends the packets that are placed in this class. Each class can have it's own config like minimal and maximal bandwidth, delays and so on.

To place the packets in the classes, you need some filters. The 2 most used filters are fw (it can use iptables marks) and u32 (it can use any bit in a packet). So basically, you are limited to ip-addresses and ports.

But with l7 filtering, you can look in the packets and use the contents of the packet to filter the packets and place them in the class you want. To do so, you have to be able the recognise the traffic. And that's what the extra kernel patch will do.

The more people are looking for ways to recognise patterns, the better. So if you find a new way to recoginise kazaa traffic (use tcpdump or so to examine the packets), send it to the l7 patch author so he can update the protocol definition file.

Some handy URL's :
lartc.org : information about "linux advanced routing and traffic control"
docum.org : my site :) with more info about traffic shaping with cbq/htb.