Sort of like a kernel-layer snort? That would be cool. Christopher Keeley [28/08/04 17:08 +0100]: > Dear All > > I have an idea which I would like to run by developers and users alike. > > Does anyone think 'pattern matching' on packets values would be > a useful addition to pf' current capabilities? > > The idea would be to allow users to write simple numeric sequences > representing packet values into the .conf file and associate them with rules. > > These numeric sequences could then be matched to values in headers of the target > protocol > packet(s); Thus, allowing for an extremely fine tuned (optional) analysis. > > I realise that this would incur a time penalty on parsing etc but I > think this could be minimised in favour of the analytical benefits. > > Flame away, Im not proud X-), this is probably already covered by pf or is a crap > idea > and thats why no-one has bothered with it already. > > But hey, if i get good feedback then I'll start to implement it on my > box at home and see how it turns out. > > > Regards > > Chris > > ----------------------------------------------- > public key: pgp.mit.edu (search string: crizza)
-- MailChannels: Imagine no more spam -- http://www.mailchannels.com MailChannels Corporation Suite 1600, 1188 West Georgia St. Vancouver, BC, Canada Ken Simpson, CEO +1-604-729-1741
