cloper wrote:
list,
I have been watching posts go back and forth regarding Layer7 filtering
with PF. What are the plans for this (if any). I was thinking about it,
how difficult would it be to add in a setup similiar to the OSPF that
currently exists.
It would be really easy, about as
On 29 Jun 2004 04:09:00 -0700, [EMAIL PROTECTED] (Damien Miller) wrote:
I like this syntax. We could extend it to do:
drop in log quick on $ext_if layer 1 badly crimped cable
ROTFL
--
Konnt ihr mich horen?
Konnt ihr mich sehen?
Konnt ihr mich fuhlen?
Ich versteh euch nicht
Damien Miller writes:
I like this syntax. We could extend it to do:
drop in log quick on $ext_if layer 1 badly crimped cable
Har!
Realistically,
this kind of layer 7 stuff can be done in at least two ways:
1) Like spamd (or a transparent proxy) that is redirects all traffic
on a particular port (e.g. tcp/25) to another IP and port that is
services by a userland application. The application then communicates
as appropriate.
According to the pf FAQ:
Macros can be defined recursively. Since macros are not expanded within
quotes the following syntax must be used:
host1 = 192.168.1.1
host2 = 192.168.1.2
all_hosts = { $host1 $host2 }
However when one tries