Date: Thu, 17 Nov 2005 15:04:28 +0100 From: Jeremie Le Hen <jeremie@le-hen.org> To: Cesar <listas@itm.net.br> Cc: freebsd-ipfw@freebsd.org Subject: Re: String Match Message-ID: <20051117140428.GI5197@obiwan.tataz.chchile.org> In-Reply-To: <002b01c5e53d$38c99d30$f2faa8c0@ironman> References: <002b01c5e53d$38c99d30$f2faa8c0@ironman>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, > An interesting thing in iptables is that option to match strings, like this > example: > > iptables -A FORWARD -p TCP -m string --string "BitTorrent protocol" -j > REJECT --reject-with tcp-reset > iptables -A FORWARD -p TCP -m string --string "GET /announce" -j > REJECT --reject-with tcp-reset > > Did anyone wrote a similar patch to ipfw? or ... Is this something > desirable to ipfw which the developers will put in the future? In addition to what has been already said here, this has already been discussed : http://lists.freebsd.org/pipermail/freebsd-pf/2005-July/001227.html http://lists.freebsd.org/pipermail/freebsd-pf/2005-July/001262.html http://lists.freebsd.org/pipermail/freebsd-pf/2005-July/001287.html http://lists.freebsd.org/pipermail/freebsd-pf/2005-July/001288.html And this thread : http://lists.freebsd.org/pipermail/freebsd-ipfw/2004-March/thread.html#996 -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051117140428.GI5197>