Layer 7 Filtering Posted by Adel Mubarak , Saturday, October 24, 2009 at 1:52 AM, in Labels: Security

L7 Filter is a nice, but perhaps little known, SourceForge project which provides an add-in module for iptables, the Linux firewall product. This obviously means it requires a Linux firewall be on your network for L7 Filter to be of use to you.

L7 Filter makes it possible to detect and prevent a range of network protocols which would otherwise be difficult to detect because they work over a number of different ports and aren’t limited to just one.
An example: companies often want to block BitTorrent applications which may be running on any of a range of different ports. Or, they might want to block MSN Messenger or other instant messaging applications; now these do usually a fixed port but can possibly switch to other ports including the web port, port 80, becoming burdensome for administrators to stop outright.