IMHO this is the main disadvantage of FreeBSD and IPFW.
Sure Linux has a better support on string match for IPS.
----------------------------------------------------------------------
Message: 1
Date: Wed, 9 Nov 2005 11:52:35 -0300
From: "Cesar" <[EMAIL PROTECTED]>
Subject: String Match
To: <freebsd-ipfw@freebsd.org>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; format=flowed; charset="iso-8859-1";
reply-type=original
An interesting thing in iptables is that option to match strings, like this
example:
iptables -A FORWARD -p TCP -m string --string "BitTorrent protocol" -j
REJECT --reject-with tcp-reset
iptables -A FORWARD -p TCP -m string --string "GET /announce" -j
REJECT --reject-with tcp-reset
Did anyone wrote a similar patch to ipfw? or ... Is this something desirable
to ipfw which the developers will put in the future?
Thanks
------------------------------
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.362 / Virus Database: 267.12.8/163 - Release Date: 8/11/2005
_______________________________________________
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
