Useful addition to ipfw
Borja Marcos
borjamar at sarenet.es
Tue Dec 13 08:02:35 PST 2005
Hello,
I've found myself in a situation where a simple data inspection
capability added to ipfw would be very useful.
I'm not thinking about anything especially sophisticated, but what
about adding an option to check byte values (or flags, similar to
tcpdump)?
An example rule could be: add deny udp from any to me 12345 udp[4]&234
being the rule true if byte 4 in the UDP packet AND the number 234 is
not zero.
P.S: I'm thinking about controlling some types of UDP packets than
can be identified by simple flags present in the packet data.
Opinions?
Borja.
More information about the freebsd-security
mailing list