[prev in list] [next in list] [prev in thread] [next in thread] 

List:       l7-filter-developers
Subject:    Re: [l7-filter-developers] More l7 match(s)
From:       Matthew Strait <quadong () users ! sourceforge ! net>
Date:       2009-03-26 11:14:17
Message-ID: alpine.DEB.2.00.0903260610410.26836 () strait-desktop
[Download RAW message or body]

On Thu, 26 Mar 2009, Michele Petrazzo - Unipex wrote:

> Thanks for the example, but my problem isn't to optimizing iptables+l7 
> rules, but if there is a differences, talking about the l7 side, if the 
> module receive the "data" to analyze from a single iptables rule or a N 
> rules (where N are one for use)

l7-filter is designed to do this, yes.  Each time a packet traverses an 
l7-filter rule, the l7-filter code will get run.  If the same packet 
crosses more than one l7-filter rules, l7-filter only stores its data 
once, but of course attempts to match it twice.

-Matthew

------------------------------------------------------------------------------
_______________________________________________
l7-filter-developers mailing list
l7-filter-developers@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/l7-filter-developers
[prev in list] [next in list] [prev in thread] [next in thread]