Layer7 on newer 2.0 snapshots

Hi all!

Sorry for the lack of news lately, but the holidays got in the middle. First of all, I want to wish all our visitors a stupendous 2009!

Now, regarding pfSense and Layer7, I’m glad to announce that the code is already in the newer 2.0 snapshots. You can find the interface for layer7 rules generation in Firewall->Traffic Shaper. Documentation on how to operate with the layer7 is currently being constructed, and I hope to have it posted soon on the pfSense devWiki.

There are possibly some problems with divert implementation+ipfw-classifyd, so I can not guarantee that it’s going to work right now. But at least, you can have already a look at the work that has been done.

A quick tutorial on how to construct a layer7 container and have it applied to a rule:
(1) Go to Firewall->Traffic Shaper->Layer7
(2) Create a new rule, assigining it a name, setting it to active and defining what to do with the protocols. For example, there are 3 kinds of structures, but Limiter and Queue will only appear if you have already defined any limiter or queue in the other tabs, next to the layer7 one.
(3) After you create the rule, assign it to a pf rule in Firewall->Rules. Create a new LAN rule and assign the Layer7 Container you created previously (it’s almost in the end of the page).
(4) Report back your problems.

I encourage to report your problems and/or sugestions in the pfSense official forum, and I’ll be very thankfull for the help you all can give in testing this implementation!

P.S: We are working on getting the current shaper wizards to also produce layer7 rules. Stays tunned for more info on this.

About these ads

3 Responses to Layer7 on newer 2.0 snapshots

  1. David Nordin says:

    I just thought I had to give you my regards for this awesome effort!
    Thank you for your interest, professionalism and enthusiasm, and keep up the great work :)

  2. Benoit Bégin says:

    Wow, great works guys! Your hard work is very much appreciated! Thanks a lot!

  3. Laith Z. says:

    I donno what to say, this is the most wonderful job I ever seen this year to the moment.

    pfSense is the greatest firewall appliance I ever seen, I will stuck with it till death :D

    Thanks, and keep up the tremendous work,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: