From owner-freebsd-ipfw@FreeBSD.ORG Wed Nov 9 14:53:14 2005 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3ACFC16A41F for ; Wed, 9 Nov 2005 14:53:14 +0000 (GMT) (envelope-from listas@itm.net.br) Received: from venom.fsonline.com.br (venom.fsonline.com.br [201.30.187.5]) by mx1.FreeBSD.org (Postfix) with SMTP id 4B89943D49 for ; Wed, 9 Nov 2005 14:52:56 +0000 (GMT) (envelope-from listas@itm.net.br) Received: (qmail 75870 invoked from network); 9 Nov 2005 11:47:00 -0300 Received: from unknown (HELO ironman) (200.222.223.29) by venom.fsonline.com.br with SMTP; 9 Nov 2005 11:47:00 -0300 Message-ID: <002b01c5e53d$38c99d30$f2faa8c0@ironman> From: "Cesar" To: Date: Wed, 9 Nov 2005 11:52:35 -0300 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2670 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670 X-Antivirus: avast! (VPS 0545-1, 09/11/2005), Outbound message X-Antivirus-Status: Clean Subject: String Match X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Nov 2005 14:53:14 -0000 An interesting thing in iptables is that option to match strings, like this example: iptables -A FORWARD -p TCP -m string --string "BitTorrent protocol" -j REJECT --reject-with tcp-reset iptables -A FORWARD -p TCP -m string --string "GET /announce" -j REJECT --reject-with tcp-reset Did anyone wrote a similar patch to ipfw? or ... Is this something desirable to ipfw which the developers will put in the future? Thanks