The move to userland certainly makes l7-filter *less* dependent on Linux internals, but it's still pretty dependent. The packets are gotten and the marks are set with Linux-specific functions and data structures. However, if FreeBSD or another *nix has the necessary structure, someone who was familiar with it (not me!) could do a version for that OS which could reuse a lot of code from the the Linux version.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Logged In: YES
user_id=220960
Originator: NO
The move to userland certainly makes l7-filter *less* dependent on Linux internals, but it's still pretty dependent. The packets are gotten and the marks are set with Linux-specific functions and data structures. However, if FreeBSD or another *nix has the necessary structure, someone who was familiar with it (not me!) could do a version for that OS which could reuse a lot of code from the the Linux version.