Just when I think iptables is the most powerful tool in Linux, then comes L7 filter. The name itself is interesting and L7 means Layer 7, the application layer. With L7 filter, one can turn a Linux box into a bandwidth manager thereby offering QoS, priority and queuing of traffic. Commercial grade bandwidth manager costs at least HK$100k.
Since it works in the application layer, every single packet will be analyzed. It eats up significant resources. The CPU must be fast and there must be large memory to support L7.
No comments:
Post a Comment