Hello,
On Thursday 16 May 2002 06:06, Mike Karras wrote: > Does anyone know how to filter packets based on data in a certain offset > in a TCP packet? You can use filtering application proxy (ie zorp or squid or whatever). > I'm trying to filter data to certain URLs behind a firewall.. > Say that I'm getting flooded with HTTP POST requests for a URL: > http://www.someplace.com/index.html?somevar=blah&something=else > in such magnitude that I'm getting DOS'ed. > By the time that it gets to the firewall, all domain information is gone, > true? > So I would have to test against that URL. > I haven't found any way to do this so far. Because a packet filter is not supposed to do that. As its names says it's a packet filter, not a filtering application proxy. This answer is going to go into the FAQ very soon. http://www.netfilter.org/documentation/HOWTO//netfilter-extensions-HOWTO-3.html#ss3.16 http://freshmeat.net/projects/zorp/?topic_id=43%2C44%2C151 http://freshmeat.net/search/?q=squid§ion=projects Have a nice day, Fabrice. -- Fabrice MARIE Senior R&D Engineer Celestix Networks http://www.celestix.com/ "Silly hacker, root is for administrators" -Unknown
