Log inUsernamePassword
Log me on automatically each visit    
Register
Register
Log in to check your private messages
Log in to check your private messages
SMS Forum Index » General Discussion

Post new topic   Reply to topic
Where to get the sources to layer7 patch
View previous topic :: View next topic  
Author Message
kl522
Junior Member


Joined: 26 Jan 2015
Posts: 2

PostPosted: Mon Jan 26, 2015 10:47 am    Post subject: Where to get the sources to layer7 patch Reply with quote

I downloaded a few things from the website including the developer package but I could not find the sources. Is there any place where I could find the sources of the binary ?

Specifically I would like to find out the patches you used to compile the layer7 patched kernel and iptables. I would appreciate very much if I could find out the sources used for this.
Back to top
View user's profile Send private message
gerasimos_h
Site Admin


Joined: 09 Aug 2007
Posts: 1757
Location: Greece

PostPosted: Tue Jan 27, 2015 12:25 am    Post subject: Reply with quote

Hi,
I attach the patches for layer7 apply them in kernel tree (3.10.x) as follows

Code:
patch -p1 < 600-netfilter_layer7_2.22.patch
patch -p1 < 601-netfilter_layer7_pktmatch.patch
patch -p1 < 602-netfilter_layer7_match.patch
patch -p1 < 603-netfilter_layer7_2.6.36_fix.patch
patch -p1 < 604-netfilter_conntrack_flush.patch
patch -p1 < 610-netfilter_match_bypass_default_checks.patch
patch -p1 < 611-netfilter_match_bypass_default_table.patch
patch -p1 < 612-netfilter_match_reduce_memory_access.patch
patch -p1 < 613-netfilter_optional_tcp_window_check.patch
patch -p1 < 633-netfilter_layer7_3.10.x_procfs_fix.2.patch
patch -p0 < 888-xt_layer_fix.patch


and use for iptables the extensions (included in attachement) v2.22 found at
http://sourceforge.net/projects/l7-filter/files/
in iptables source tree, like
Code:
cp -a $CWD/netfilter-layer7-v2.22/iptables-1.4.3forward-for-kernel-2.6.20forward/* extensions
sed  -i  '/if_packet/i#define __aligned_u64 __u64 __attribute__((aligned(8)))'    extensions/libxt_pkttype.c


If you need any help let me know...

gerasimos_h



layer7_patch.tar.bz2
 Description:
Layer7 patches for kernel-3.10.x and iptables

Download
 Filename:  layer7_patch.tar.bz2
 Filesize:  23.16 KB
 Downloaded:  3554 Time(s)


_________________
Superb! Mini Server Project Manager
http://sms.it-ccs.com
Back to top
View user's profile Send private message Visit poster's website
kl522
Junior Member


Joined: 26 Jan 2015
Posts: 2

PostPosted: Tue Jan 27, 2015 5:55 am    Post subject: Reply with quote

Thank you for the post.

I wonder if there is any testing done on the layer7 functionality ?

eg :-

iptables -I INPUT -m layer7 --l7proto http -j DROP
iptables -I OUTPUT -m layer7 --l7proto http -j DROP
wget http://http.kernel.org

The wget should be blocked by those iptables rules.
Back to top
View user's profile Send private message
gerasimos_h
Site Admin


Joined: 09 Aug 2007
Posts: 1757
Location: Greece

PostPosted: Wed Jan 28, 2015 9:52 am    Post subject: Reply with quote

Well, didn't actually tested, since kernel version 3.x, there is no official support for newer kernels, my goal is to build the kernel at first and that's why I implement imq patches as well...

gerasimos_h

_________________
Superb! Mini Server Project Manager
http://sms.it-ccs.com
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    SMS Forum Index » General Discussion All times are GMT + 2 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum

SMS - Superb! Mini Server Project © 2016
Powered by phpBB © 2001, 2002 phpBB Group
iCGstation v1.0 Template By Ray © 2003, 2004 iOptional