Layer7 working or not?



  • Has anybody had success with L7 recognition with the newest snapshots?

    I've tried with multiple snapshots, but as far as I can see, the system cannot load L7 rules (it says so in the system log) and therefore it is not working correctly.

    Comments?


  • Rebel Alliance Developer Netgate

    In another thread it was mentioned that ipfw and some other bits are missing in current snapshots since the underlying FreeBSD sources were updated to a more recent -STABLE date.

    It's possible the same issue is causing the l7 rules to malfunction.



  • @jimp:

    In another thread it was mentioned that ipfw and some other bits are missing in current snapshots since the underlying FreeBSD sources were updated to a more recent -STABLE date.

    It's possible the same issue is causing the l7 rules to malfunction.

    Ok, thanks for the info. Any idea when it will be fixed?


  • Rebel Alliance Developer Netgate

    I'm not really sure, some parts may already be fixed, I haven't had a chance to check and try. You might just keep trying new snapshots and see if it's any better or worse.

    If you can confirm that it is broken on the latest snapshots, a ticket should be opened at http://redmine.pfsense.org/

    I haven't tried using l7 rules before so I can't readily reproduce it with reasonable confidence.



  • Ermal is on vacation this week so it likely won't see any progress until next week. There is an open ticket on L7 issues.



  • L7 doesnt seem to work as yet also as i tried blocking bittorrent but doesnt work



  • Do you have entries in system log as foung protocol bitorrent?


  • Banned

    Any of you running squid when you are fiddling with L7?? If you are testing L7, disable proxy services….



  • @ermal:

    Do you have entries in system log as foung protocol bitorrent?

    system log doesnt mention any bittorrent



  • With latest snaps it should not matter regarding other services like squid.

    Why are you saying that squid does problems for you?


  • Banned

    If its me you are referring to, I'm just saying that it needs to flush the cache, to implement the new L7 rules….It has nothing to do with the actual routing, but more what is presented to the user searching for the site....

    @ermal:

    With latest snaps it should not matter regarding other services like squid.

    Why are you saying that squid does problems for you?


Log in to reply