Dear All I have an idea which I would like to run by developers and users alike.
Does anyone think 'pattern matching' on packets values would be a useful addition to pf' current capabilities? The idea would be to allow users to write simple numeric sequences representing packet values into the .conf file and associate them with rules. These numeric sequences could then be matched to values in headers of the target protocol packet(s); Thus, allowing for an extremely fine tuned (optional) analysis. I realise that this would incur a time penalty on parsing etc but I think this could be minimised in favour of the analytical benefits. Flame away, Im not proud X-), this is probably already covered by pf or is a crap idea and thats why no-one has bothered with it already. But hey, if i get good feedback then I'll start to implement it on my box at home and see how it turns out. Regards Chris ----------------------------------------------- public key: pgp.mit.edu (search string: crizza)
pgpIWN1rMe3II.pgp
Description: PGP signature
