1. l7detect是一个基于流的应用协议识别的框架;

2. l7detect实现了四个常用的协议识别引擎，基于port的pde，基于字符和位置的规则sde, 基于lua的lde，基于lua的协议解析引擎cdde(可针对特定协议解析，并加入ip+port作为快速表协议识别特征，可用于ftp，sip等协议)这些引擎都是以插件方式存在，你也可以做出自己的引擎，将她放入l7detect中;

3. 你现在可以用lua来扩展你希望识别的其他协议，现在的lde是比较简陋的，只能基于包的字节，包的长度等一些常用特征进行匹配，但她已经具备了一定的可扩展性，如：跨包的匹配，状态机的切换等等;

4. 希望有兴趣的朋友可以一起开发和完善l7detect框架以及协议识别引擎，有想法的话可以互相交流，我的邮箱是windslinux@gmail.com;

5. l7detect以解决中国国内的协议为主要问题，因此对于国外协议可能会出现不能很好支持的情况，希望有兴趣的人可以完善协议特征库，协议特征库在test/app.proto中；

6. l7detect会长期发展下去，但我只能利用有限的工作之余的时间来完成，如果bug不能及时修复，请大家见谅；

7. 非常感谢各种开源软件和技术，emacs，gcc, Makefile, git，lua，wireshark，没有你们我无法完成任何事情；

8. 该软件在federal core 5上测试通过，编译使用的是gcc和Gnu make，编译前请先安装好libpcap的开发库，如果你在别的类unix平台上不能编译通过或运行，请致信；

English:

1. l7detect is a flow-based architecture of network application analysis;

2. Two simple engine was provied by l7detect, port base pde engine and lua based lde engine. All engines was designed as a plugin, so it is allowed to develop a new engine by yourself to add to l7detect;

3. lua config can be extended to support protocols you need. Although lde is a simple engine, she owns extensible characteristic, such as: multiple packet match, state machine. You are encouraged to enhance all protocol engines;

4. It's welcomed to develop l7detect framework and protocol detect engines, my email address is windslinux@gmail.com;

5. l7detect will slove most popular application protocols in China, other protocol is supported by someone who interested in it. Protocol signature is stored in test/app.proto file;

6. l7detect is a long-term project;

7. Thanks to a lot of open source project such as emacs，gcc, Makefile, git，lua，wireshark. Without the help of these project, I can do nothing;

8. l7detect was compiled and run in Fedore core 5, with gcc and Gnu make. If you have any problems, contact me with Email:windslinux@gmail.com;