I was thinking of payload inspection as a way to check to see if the payload contains requested data (like HTML, or mp3 or whatever the user is downloading) to make sure that it doesn't contain infected data (with a worm or such) that is piggybacking on legitimate data.
----- Original Message ----- From: "Chris Buechler" <[EMAIL PROTECTED]> To: <discussion@pfsense.com> Sent: Wednesday, September 21, 2005 11:42 AM Subject: Re: [pfSense-discussion] Payload inspection > A Rossi wrote: > > >Would it be feasible to add payload inspection to pfSense after its first > >release? > > > > > > depends on what you mean by "payload inspection". There are as many > definitions of "deep inspection", "payload inspection", etc. as there > are marketing departments at firewall companies. > > In the open source world, iptables has the ability to basically run a > regexp on payloads, but it's a stupid thing to do and isn't secure. > Nice thread here: > http://thread.gmane.org/gmane.os.freebsd.devel.pf4freebsd/952 > > I would like to see it more protocol aware than it is now, though how > much we can accomplish that in the future remains to be seen (and > depends on what others write for BSD). > > -cmb >
