String Match
Jeremie Le Hen
jeremie at le-hen.org
Thu Nov 17 06:04:57 PST 2005
Hi,
> An interesting thing in iptables is that option to match strings, like this
> example:
>
> iptables -A FORWARD -p TCP -m string --string "BitTorrent protocol" -j
> REJECT --reject-with tcp-reset
> iptables -A FORWARD -p TCP -m string --string "GET /announce" -j
> REJECT --reject-with tcp-reset
>
> Did anyone wrote a similar patch to ipfw? or ... Is this something
> desirable to ipfw which the developers will put in the future?
In addition to what has been already said here, this has already
been discussed :
http://lists.freebsd.org/pipermail/freebsd-pf/2005-July/001227.html
http://lists.freebsd.org/pipermail/freebsd-pf/2005-July/001262.html
http://lists.freebsd.org/pipermail/freebsd-pf/2005-July/001287.html
http://lists.freebsd.org/pipermail/freebsd-pf/2005-July/001288.html
And this thread :
http://lists.freebsd.org/pipermail/freebsd-ipfw/2004-March/thread.html#996
--
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >
More information about the freebsd-ipfw
mailing list