Please read this file and also: http://l7-filter.sf.net/README http://l7-filter.sf.net/HOWTO-kernel http://l7-filter.sf.net/protocols Mailing list: <l7-filter-developers AT lists. sf. net> Or if you're shy: Matthew Strait <quadong AT users d0t sf [dot] net> In this directory you will find: ***** kernel patches ***** - kernel-2.6.35-2.23.patch This patch is against 2.6.35. - kernel-2.6.25-2.6.28-layer7-2.22.patch This patch is against 2.6.28. It will not work with 2.6.24.x or earlier. Hopefully, it works with future kernel versions (obviously we don't know yet). This package will NOT be updated just because a new kernel is released. Check http://l7-filter.sourceforge.net/kernelcompat for up-to-date compatibility information. - kernel-2.4-layer7-2.22.patch This patch is against 2.4.31. It is extremely likely that it will work with all future 2.4 versions. If you have some bizzare reason to use an older 2.4 kernel, check http://l7-filter.sourceforge.net/kernelcompat - for_older_kernels/ Here are files named "kernel-[kernel version range]-layer7-[l7-filter-version].patch". Use the one that matches your kernel version. If the l7-filter version is not the latest, then it may be missing some newer features. See CHANGELOG. ***** iptables patches/files ***** - iptables-1.4.3forward-for-kernel-2.6.20forward/libxt_layer7.{c,man} Use these files if you are compiling iptables 1.4.3 or later against Linux 2.6.20 or later. - for_older_iptables/ Use these files if you are using an older version of iptables or Linux. Note that not all combinations are supported. This includes, but is not limited to: -- Compiling iptables 1.4.x against Linux 2.6.19.x or earlier. -- iptables 1.4.1, period. General notes: - You do NOT need to recompile iptables if you change your running kernel version across the 2.6.20 boundary and you already have a working iptables. - You DO need to recompile iptables if you switch from a kernel patched with l7-filter <= v2.10 to one patched with l7-filter >= v2.11.