I think an interesting example that people are fishing for below is
any Ethernet broadcast packet going through an OpenBSD bridge:
one packet goes out many (all) interfaces.
Of course, which do you allow the reply from?
Even worse is when you have:
client-(bridge0)-router-(bridge1)-server
Now a
On Tue, Aug 05, 2003 at 10:26:46AM +0300, Alexey E. Suslikov wrote:
Both incoming and outgoing TCP connections will pass by those two rules,
create state, and all packets related to the connections will be assigned
to either the q_def or q_pri queues. Packets assigned to the q_pri queue
will
Adam Coyne wrote:
Alexey E. Suslikov wrote:
I'd like to pass or block certain packets based on an inspection
of the payload after scrubbing.
Snort is your friend. Check out http://www.snort.org/
As far as I have seen, Snort's native blocking ability is limited to
adding firewall rules, and