Am Mi, den 29.06.2005 schrieb Ovidiu Lixandru um 20:09:
I've got a RedHat Linux 9 router which provides net for a LAN via DNAT.
Sorry to say, but this is the wrong auditorium for Red Hat Linux 9 issues.
On this machine I plan to use layer 7 filtering in order to get rid of some unwanted instant messaging and p2p protocols for some of the internal IP's. So far, I've found l7-filter which seems to provide what I need. I've rebuilt the iptables-1.2.9-2.3.1 srpm including the l7-filter patch and it worked nicely. The ugly part comes with the kernel (2.4.20-8). I've deployed the srpm
O man, that old kernel is long. long time obsolete and a no-go for a firewalling router! Have a close look at the Fedora Legacy Project.
At this point, I'm pondering whether to switch to a recent RHEL 2.6 kernel and try patching that or get some other layer 7 filtering software which may work nicely with the RH 2.4.20 kernel (is there any other?).
Migrate to Fedora - then you are right here (or get RHEL or CentOS and use their communication routes).
Alexander