Franco Fichtner <slashy83 <at> gmail.com> writes:

> so I have been working on a BSD licensed DPI engine.  It's a
> very lightweight, non-intrusive approach and I know that teasers
> are boring, but I'd like to know if it's worth the time to
> work on inclusion for pf(4).  So far I have about 25 supported
> applications and the necessary hooks for the pf.conf(5) parts.

If DPI stands for Deep Packet Inspection, than (afaik)
it was discussed before: this kind of inspection is too
complex to put into a kernel.

relayd already supports L7 filtering at least for http,
so if something is to be improved in this area, relayd
is better place, imo.

Reply via email to