[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
I have been watching posts go back and forth regarding Layer7 filtering
with PF. What are the plans for this (if any). I was thinking about it,
how difficult would it be to add in a setup similiar to the OSPF that
currently exists. ie: a file of fingerprints (possibly converted from
snort rules?), then used like:
drop in log quick on $ext_if layer 7 "edonkey login"
drop in log quick on $ext_if layer 7 "aim send message"
etc etc. I was lookin at the source in the OpenBSD tree, and there
really wasn't any documentation to explain what some of the functions
did, so I am not sure how to do this, as I was willing to attempt it myself.