A Rossi wrote:
Would it be feasible to add payload inspection to pfSense after its first release?
depends on what you mean by "payload inspection". There are as many definitions of "deep inspection", "payload inspection", etc. as there are marketing departments at firewall companies. In the open source world, iptables has the ability to basically run a regexp on payloads, but it's a stupid thing to do and isn't secure. Nice thread here: http://thread.gmane.org/gmane.os.freebsd.devel.pf4freebsd/952
I would like to see it more protocol aware than it is now, though how much we can accomplish that in the future remains to be seen (and depends on what others write for BSD).
-cmb
