Home
Projects
Help

Search:

pfSense

All Projects

pfSense

Overview
Activity
Roadmap
Issues
Gantt
Calendar
News
Documents
Repository

Custom queries

2.4.5-p1 - Resolved/Closed
2.5.0 - Resolved/Closed
2.5.1 - Resolved/Closed
2.5.2 - Resolved/Closed
2.6.0 - Resolved/Closed
2.7.0 - Resolved/Closed
2.7.1 - All Open Issues
2.7.1 - Resolved/Closed
2.7.2 - Resolved/Closed
2.8.0 - All Open Bugs
2.8.0 - All Open Features
2.8.0 - All Open Issues
2.8.0 - All Open Regressions
2.8.0 - Feedback
2.8.0 - Needs Attention
2.8.0 - New/Confirmed
2.8.0 - Pull Requests
2.8.0 - Regressions affecting 2.7.0
2.8.0 - Resolved/Closed
21.02.2/2.5.1 - Resolved/Closed
21.05 Plus - All Closed Issues
21.05.1 Plus Target - All Closed Issues
21.05.1 Target - All Closed Issues
22.01 Plus - All Closed Issues
22.01 Target - All Closed Issues
22.05 Plus - All Closed Issues
22.05 Target - All Closed Issues
23.01 Plus - All Closed Issues
23.01 Target - All Closed Issues
23.05 Plus - All Closed Issues
23.05 Target - All Closed Issues
23.05.1 Plus - All Closed Issues
23.05.1 Target - All Closed Issues
23.09 Plus - All Closed Issues
23.09 Target - All Closed Issues
23.09.1 Plus - All Closed Issues
23.09.1 Target - All Closed Issues
24.03 Plus - All Closed Issues
24.03 Target - All Closed Issues
24.11 Plus - All Closed Issues
24.11 Plus - All Open Issues
24.11 Plus - Feedback Issues
24.11 Plus - Needs Attention/Work
24.11 Plus - New/Confirmed/In Progress Issues
24.11 Target - All Closed Issues
24.11 Target - All Open Issues
25.01 Plus - All Closed Issues
25.01 Plus - All Open Issues
25.01 Plus - Feedback Issues
25.01 Plus - Needs Attention/Work
25.01 Plus - New/Confirmed/In Progress Issues
25.01 Plus - Pull Request Review
25.01 Plus - Waiting on Merge
25.01 Target - All Closed Issues
25.01 Target - All Open Issues
All Open Issues assigned to Me
All Open Pull Requests
Any Target - All Open Regressions
Any Target - Feedback Issues
CE-Next - All Closed Issues (Move to specific target)
CE-Next - All Open Issues
CE-Next - Feedback (Likely needs target changed)
New Issues by Category - Future Target
New Issues by Category - No Target
New Issues by Category - No Target+Future
No Target - All Open Issues (Base Only)
No Target - New Issues (Base Only)
No Target - New Issues (Base and Packages)
Release Notes - Plus Target Version (DO NOT EDIT)
Release Notes - Target Version (DO NOT EDIT)

Actions

Copy link

Todo #5508

closed

remove layer7 pieces

Added by Chris Buechler about 9 years ago. Updated almost 9 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Chris Buechler

Category:

Layer 7

Target version:

2.3

Start date:

11/20/2015

Due date:

% Done:

Estimated time:

Plus Target Version:

Release Notes:

Description

ipfw-classifyd and friends haven't worked correctly in any FreeBSD 10.x base version, the functionality as implemented had extremely high CPU overhead and other difficulties back when it did (sort of) work, and it was very rarely used.

Opening this todo in favor of #4276 / #4416 / #4993

History
Notes
Property changes
Associated revisions

Actions

Copy link

Updated by Chris Buechler about 9 years ago

Status changed from Assigned to Feedback

Actions

Copy link

Updated by Chris Buechler about 9 years ago

Description updated (diff)

Actions

Copy link

Updated by Florent THOMAS about 9 years ago

Do you mean that Layer7 will disappear form the base distro?
Regards

Actions

Copy link

Updated by Kill Bill about 9 years ago

Florent THOMAS wrote:

Do you mean that Layer7 will disappear form the base distro?
Regards

Considering it's been completely broken ever since 2.2, what's the big surprise here?

Actions

Copy link

Updated by Phillip Davis almost 9 years ago

PR https://github.com/pfsense/pfsense/pull/2104 to remove a little bit more dead code.
Does anything need to be done to upgrade configs? Rules that have layer7 stuff might suddenly become [more|differently] permissive when the matched packets are no longer diverted to layer7 processing?

Actions

Copy link

Updated by Florent THOMAS almost 9 years ago

Kill Bill wrote:

Considering it's been completely broken ever since 2.2, what's the big surprise here?

Well, my question was more to know if there is an alternative planned? Applicative filter is a great solution and seeing it disappears from my favorite network distro is a sad news ;-)

Actions

Copy link

Updated by Jim Pingle almost 9 years ago

Not that much of a loss. It never worked well anyhow. The pattern files from the upstream project were out of date and unmaintained, and they rarely matched things properly.

Keep an eye on snort with OpenAppID if you're wanting to block.

Actions

Copy link

Updated by Chris Buechler almost 9 years ago

Status changed from Feedback to Resolved

config upgrade code added to remove any layer7 configuration, and file a notice where found so users are clearly aware. Verified that's all fine with multiple diff configs.

That was the last piece of this.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Todo #5508

remove layer7 pieces

Updated by Chris Buechler about 9 years ago

Updated by Chris Buechler about 9 years ago

Updated by Florent THOMAS about 9 years ago

Updated by Kill Bill about 9 years ago

Updated by Phillip Davis almost 9 years ago

Updated by Florent THOMAS almost 9 years ago

Updated by Jim Pingle almost 9 years ago

Updated by Chris Buechler almost 9 years ago