regex match in ipfw rule?

[Don Bowman]

has anyone ever considered adding a regular
expression match type to ipfw? it seems like
this might be very useful. To be efficient,
and anchored, I guess it would need to 
be available for both IP and TCP and perhaps
other protocols (e.g. ip payload, tcp payload).

This could be used to match e.g. code-red style
worms.

one barrier is that there is not currently regex
support in kernel, but pcre could probably be
compiled for it.