Adam Coyne wrote:
Alexey E. Suslikov wrote:
I'd like to pass or block certain packets based on an inspection
of the payload after scrubbing.
snort is your friend. check out http://www.snort.org/
As far as I have seen, snort's native blocking ability is limited to
adding firewall rules, and snor
On Friday, Aug 1, 2003, at 13:59 US/Pacific, Adam Coyne wrote:
I'd like to pass or block certain packets based on an inspection of
the payload after scrubbing. It might be fun if pf were able to use a
bpf-style expression like 'protocol[offset:size] = x' to create rules
which look at the data i
Alexey E. Suslikov wrote:
I'd like to pass or block certain packets based on an inspection
of the payload after scrubbing.
snort is your friend. check out http://www.snort.org/
As far as I have seen, snort's native blocking ability is limited to
adding firewall rules, and snort-inline, while it a
> I'd like to pass or block certain packets based on an inspection
> of the payload after scrubbing. It might be fun if pf were able to
> use a bpf-style expression like 'protocol[offset:size] = x' to
> create rules which look at the data in the packet, but it seems more
> practical to do it in a s
I'd like to pass or block certain packets based on an inspection of the
payload after scrubbing. It might be fun if pf were able to use a
bpf-style expression like 'protocol[offset:size] = x' to create rules
which look at the data in the packet, but it seems more practical to do
it in a separat
