L7 error
-
im trying to use L7 inspector to block torrents, below is what i get in my systemlog as soon as the rule is made active
Jul 10 19:30:04 php: : Sending HUP signal to 41910
Jul 10 19:30:04 ipfw-classifyd: Something went wrong waiting on kqueue. -
is any1 using L7 to block torrents, that is if its actually working in pfsense nanobsd at all
-
Hi,
until about 3 weeks ago I often tried it after a new snapshot was released. It never worked for me blocking torrents though. It also didn't block emule at that time back. When I tried it the last time I got 100% cpu load on classifyd. That's when I stopped to continue trying it out with newer snapshots.. wanted to wait until this is 100% done http://redmine.pfsense.org/issues/635
-
mayb Ermal can tell us when it would be completed or mayb if every1 requiring this feature could pitch in some $$ to start a bounty to get it completed asap.
-
I could be talked into doing that, but then we would have to be very specific to what L7 really is. And what the objectives are….
-
Sorry, but I think blocking torrent and emule, as nice as it is, shouldn't be a very high priority, what you think? ;)
-
The thing is, that a working L7 could do that easily…Mayby thats why...?
-
specific as in my understanding of L7 packet inspector being something that my ISP uses in this part of the world to block certain protocols and packet patterns used for VoIP and having the ability of mainly blocking p2p applications such as torrents etc that drain all the bandwidth
-
Read more here
http://www.webopedia.com/quick_ref/OSI_Layers.asp
-
The current Layer7 implementation/functionality pfsense offers -though only useable to block certain protocols- is a really nice feature already .
I'm very excited to try it out once it's working properly to block black sheep in the lan from using p2p ;) though I guess it's quite difficult to completely block this kind of traffic. -
im aware of the model but personally the only good use i can make of it is to block p2p currently, mayb it can do a lot more but using nanobsd on the alix board, wouldnt it be a bit more heavy duty for hardware muscle this small reducing the throughput?
y dont each of use mention what they would want in L7, provided its capable of it, this way the objectives can be more clear.