I forgot to mention:
It would be useful to have the possibility to filter only incoming or
outgoing traffic or both in this fashion.
Hope this has some merit...
Levente
2011.09.24. 9:12 keltezéssel, Levente Peres írta:
Hi,
I have an idea for a possibly useful feature.
How about some possibility to "keep" a certain IP in a "sandbox",
where we can filter all it's traffic trough a virus/intrusion
detection filter, then allow it to be trusted for X hours/days and
pass it out to the general loadbalancing queue?
I recently had an attack where it would have been great if I could
filter the first 100 connections from that IP trouugh a
squid/clamd/etc supported backend, it would have caught the attack
(namely: upload of malware).
What do you think.
Levente
---
avast! Antivirus: Inbound message clean.
Virus Database (VPS): 110923-1, 2011.09.23
Tested on: 2011.09.24. 9:14:55
avast! - copyright (c) 1988-2011 AVAST Software.
http://www.avast.com