• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

L7 error

Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
11 Posts 3 Posters 3.2k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • X
    xbipin
    last edited by Jul 10, 2010, 3:33 PM

    im trying to use L7 inspector to block torrents, below is what i get in my systemlog as soon as the rule is made active

    Jul 10 19:30:04 php: : Sending HUP signal to 41910
    Jul 10 19:30:04 ipfw-classifyd: Something went wrong waiting on kqueue.

    1 Reply Last reply Reply Quote 0
    • X
      xbipin
      last edited by Jul 16, 2010, 11:06 AM

      is any1 using L7 to block torrents, that is if its actually working in pfsense nanobsd at all

      1 Reply Last reply Reply Quote 0
      • M
        mxx
        last edited by Jul 16, 2010, 11:17 AM Jul 16, 2010, 11:15 AM

        Hi,

        until about 3 weeks ago I often tried it after a new snapshot was released. It never worked for me blocking torrents though. It also didn't block emule at that time back. When I tried it the last time I got 100% cpu load on classifyd. That's when I stopped to continue trying it out with newer snapshots.. wanted to wait until this is 100% done http://redmine.pfsense.org/issues/635

        1 Reply Last reply Reply Quote 0
        • X
          xbipin
          last edited by Jul 16, 2010, 11:23 AM

          mayb Ermal can tell us when it would be completed or mayb if every1 requiring this feature could pitch in some $$ to start a bounty to get it completed asap.

          1 Reply Last reply Reply Quote 0
          • S
            Supermule Banned
            last edited by Jul 16, 2010, 11:34 AM

            I could be talked into doing that, but then we would have to be very specific to what L7 really is. And what the objectives are….

            1 Reply Last reply Reply Quote 0
            • M
              mxx
              last edited by Jul 16, 2010, 11:38 AM

              Sorry, but I think blocking torrent and emule, as nice as it is, shouldn't be a very high priority, what you think? ;)

              1 Reply Last reply Reply Quote 0
              • S
                Supermule Banned
                last edited by Jul 16, 2010, 11:58 AM

                The thing is, that a working L7 could do that easily…Mayby thats why...?

                1 Reply Last reply Reply Quote 0
                • X
                  xbipin
                  last edited by Jul 16, 2010, 12:11 PM

                  specific as in my understanding of L7 packet inspector being something that my ISP uses in this part of the world to block certain protocols and packet patterns used for VoIP and having the ability of mainly blocking p2p applications such as torrents etc that drain all the bandwidth

                  1 Reply Last reply Reply Quote 0
                  • S
                    Supermule Banned
                    last edited by Jul 16, 2010, 12:16 PM

                    Read more here

                    http://www.webopedia.com/quick_ref/OSI_Layers.asp

                    1 Reply Last reply Reply Quote 0
                    • M
                      mxx
                      last edited by Jul 16, 2010, 12:41 PM

                      The current Layer7 implementation/functionality pfsense offers -though only useable to block certain protocols- is a really nice feature already .
                      I'm very excited to try it out once it's working properly to block black sheep in the lan from using p2p  ;) though I guess it's quite difficult to completely block this kind of traffic.

                      1 Reply Last reply Reply Quote 0
                      • X
                        xbipin
                        last edited by Jul 16, 2010, 12:44 PM

                        im aware of the model but personally the only good use i can make of it is to block p2p currently, mayb it can do a lot more but using nanobsd on the alix board, wouldnt it be a bit more heavy duty for hardware muscle this small reducing the throughput?

                        y dont each of use mention what they would want in L7, provided its capable of it, this way the objectives can be more clear.

                        1 Reply Last reply Reply Quote 0
                        11 out of 11
                        • First post
                          11/11
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                          This community forum collects and processes your personal information.
                          consent.not_received