From owner-freebsd-ipfw@FreeBSD.ORG Thu Nov 10 12:09:36 2005 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A298616A41F for ; Thu, 10 Nov 2005 12:09:36 +0000 (GMT) (envelope-from ppj@netfilter.com.br) Received: from hiperclubs.netfilter.com.br (hiperclubs.netfilter.com.br [201.45.167.134]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5FDAC43D72 for ; Thu, 10 Nov 2005 12:09:32 +0000 (GMT) (envelope-from ppj@netfilter.com.br) Received: from localhost (localhost.netfilter.com.br [127.0.0.1]) by hiperclubs.netfilter.com.br (Postfix) with ESMTP id B677676F676 for ; Thu, 10 Nov 2005 10:11:56 -0200 (BRST) Received: from hiperclubs.netfilter.com.br ([127.0.0.1]) by localhost (hiperclubs.netfilter.com.br [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 55978-07 for ; Thu, 10 Nov 2005 10:11:53 -0200 (BRST) Received: by hiperclubs.netfilter.com.br (Postfix, from userid 1001) id 2A47776F678; Thu, 10 Nov 2005 10:11:53 -0200 (BRST) Received: from MICROPPJ (200-204-120-145.dsl.telesp.net.br [200.204.120.145]) by hiperclubs.netfilter.com.br (Postfix) with ESMTP id 7BAC376F675 for ; Thu, 10 Nov 2005 10:11:50 -0200 (BRST) From: "Pedro Paulo de Magalhaes Oliveira Junior" To: Date: Thu, 10 Nov 2005 10:09:22 -0200 Message-ID: <000001c5e5ef$97247320$2d00a8c0@MICROPPJ> MIME-Version: 1.0 Content-Type: text/plain; charset="windows-1250" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 11 Thread-Index: AcXl72hQtDsllADaQYOqLPLyXiBeYAAAABlw In-Reply-To: <20051110120050.3A6FB16A428@hub.freebsd.org> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 X-Virus-Scanned: amavisd-new at netfilter.com.br X-Mailman-Approved-At: Thu, 10 Nov 2005 12:17:54 +0000 Subject: RE: String Match (Cesar) X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Nov 2005 12:09:36 -0000 IMHO this is the main disadvantage of FreeBSD and IPFW. Sure Linux has a better support on string match for IPS. ---------------------------------------------------------------------- Message: 1 Date: Wed, 9 Nov 2005 11:52:35 -0300 From: "Cesar" Subject: String Match To: Message-ID: <002b01c5e53d$38c99d30$f2faa8c0@ironman> Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original An interesting thing in iptables is that option to match strings, like this example: iptables -A FORWARD -p TCP -m string --string "BitTorrent protocol" -j REJECT --reject-with tcp-reset iptables -A FORWARD -p TCP -m string --string "GET /announce" -j REJECT --reject-with tcp-reset Did anyone wrote a similar patch to ipfw? or ... Is this something desirable to ipfw which the developers will put in the future? Thanks ------------------------------ -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.362 / Virus Database: 267.12.8/163 - Release Date: 8/11/2005