String Match (Cesar)
Pedro Paulo de Magalhaes Oliveira Junior
ppj at netfilter.com.br
Thu Nov 10 04:09:36 PST 2005
IMHO this is the main disadvantage of FreeBSD and IPFW.
Sure Linux has a better support on string match for IPS.
----------------------------------------------------------------------
Message: 1
Date: Wed, 9 Nov 2005 11:52:35 -0300
From: "Cesar" <listas at itm.net.br>
Subject: String Match
To: <freebsd-ipfw at freebsd.org>
Message-ID: <002b01c5e53d$38c99d30$f2faa8c0 at ironman>
Content-Type: text/plain; format=flowed; charset="iso-8859-1";
reply-type=original
An interesting thing in iptables is that option to match strings, like this
example:
iptables -A FORWARD -p TCP -m string --string "BitTorrent protocol" -j
REJECT --reject-with tcp-reset
iptables -A FORWARD -p TCP -m string --string "GET /announce" -j
REJECT --reject-with tcp-reset
Did anyone wrote a similar patch to ipfw? or ... Is this something desirable
to ipfw which the developers will put in the future?
Thanks
------------------------------
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.362 / Virus Database: 267.12.8/163 - Release Date: 8/11/2005
More information about the freebsd-ipfw
mailing list