[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Possible Setup

I have been watching posts go back and forth regarding Layer7 filtering with PF. What are the plans for this (if any). I was thinking about it, how difficult would it be to add in a setup similiar to the OSPF that currently exists. ie: a file of fingerprints (possibly converted from snort rules?), then used like:

drop in log quick on $ext_if layer 7 "edonkey login"
drop in log quick on $ext_if layer 7 "aim send message"

etc etc. I was lookin at the source in the OpenBSD tree, and there really wasn't any documentation to explain what some of the functions did, so I am not sure how to do this, as I was willing to attempt it myself.