cloper wrote:
list,
I have been watching posts go back and forth regarding Layer7 filtering
with PF. What are the plans for this (if any). I was thinking about it,
how difficult would it be to add in a setup similiar to the OSPF that
currently exists.
It would be really easy, about as
On 29 Jun 2004 04:09:00 -0700, [EMAIL PROTECTED] (Damien Miller) wrote:
I like this syntax. We could extend it to do:
drop in log quick on $ext_if layer 1 badly crimped cable
ROTFL
--
Konnt ihr mich horen?
Konnt ihr mich sehen?
Konnt ihr mich fuhlen?
Ich versteh euch nicht
Damien Miller writes:
I like this syntax. We could extend it to do:
drop in log quick on $ext_if layer 1 badly crimped cable
Har!
: Tuesday, June 29, 2004 12:11 AM
To: cloper
Cc: [EMAIL PROTECTED]
Subject: Re: Possible Setup
On Mon, Jun 28, 2004 at 03:16:15PM -0700, cloper wrote:
drop in log quick on $ext_if layer 7 edonkey login
drop in log quick on $ext_if layer 7 aim send message
While for applications TCP is a byte stream
list,
I have been watching posts go back and forth regarding Layer7 filtering
with PF. What are the plans for this (if any). I was thinking about it,
how difficult would it be to add in a setup similiar to the OSPF that
currently exists. ie: a file of fingerprints (possibly converted from
On Mon, Jun 28, 2004 at 03:16:15PM -0700, cloper wrote:
drop in log quick on $ext_if layer 7 edonkey login
drop in log quick on $ext_if layer 7 aim send message
While for applications TCP is a byte stream protocol, packet filters (as
the name implies) operate on a lower level. They do not see
Daniel,
I agree, I have no idea how the internals of PF work, and what it is
capable of, which is why I emailed the list :)
Would it be possible or feasible to write a daemon that does perform
logic and state tracking w/ regex, that could possibly speak to the PF
internals to add rules