Date:      Tue, 13 Dec 2005 16:59:54 +0100
From:      Borja Marcos <borjamar@sarenet.es>
To:        freebsd-security@freebsd.org
Subject:   Useful addition to ipfw
Message-ID:  <A20DB37F-36A2-42D1-8B05-EC14EE0858A1@sarenet.es>



Hello,

I've found myself in a situation where a simple data inspection  
capability added to ipfw would be very useful.

I'm not thinking about anything especially sophisticated, but what  
about adding an option to check byte values (or flags, similar to  
tcpdump)?

An example rule could be: add deny udp from any to me 12345 udp[4]&234

the rule being true if byte 4 in the UDP packet AND the number 234 is  
not zero.

P.S.: I'm thinking about controlling some types of UDP packets that  
can be identified by simple flags present in the packet data.


Opinions?





Borja.
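
The test proposed in the message above, written out as an added example that is not part of the original e-mail and is not ipfw code. It assumes the offset counts from the first byte of the UDP header, as tcpdump's `udp[n]` does; `udp_byte_test`, the verdict names and both sample packets are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum verdict { NO_MATCH = 0, MATCH = 1, CANNOT_EVALUATE = -1 };

/* Evaluate "udp[off] & mask" on a raw IPv4 packet. Assumption: off counts
 * from the first byte of the UDP header, as tcpdump's udp[n] does. */
static enum verdict udp_byte_test(const uint8_t *pkt, size_t len,
                                  size_t off, uint8_t mask)
{
    if (len < 20 || (pkt[0] >> 4) != 4)
        return CANNOT_EVALUATE;               /* not a complete IPv4 header */
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4; /* header length incl. options */
    if (ihl < 20 || ihl > len)
        return CANNOT_EVALUATE;
    if (pkt[9] != 17)
        return NO_MATCH;                      /* protocol is not UDP */
    if ((((unsigned)pkt[6] << 8) | pkt[7]) & 0x1fff)
        return CANNOT_EVALUATE;               /* later fragment: no UDP header */
    size_t total = ((size_t)pkt[2] << 8) | pkt[3];
    if (total < len)
        len = total;                          /* ignore bytes past IP total length */
    if (len < ihl + 8 || off >= len - ihl)
        return CANNOT_EVALUATE;               /* truncated, or offset out of range */
    return (pkt[ihl + off] & mask) ? MATCH : NO_MATCH;
}

/* Constructed sample: 192.0.2.1:40000 -> 192.0.2.2:12345, payload ea 00 00 00 */
static const uint8_t sample_pkt[32] = {
    0x45, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x40, 0x11, 0x00, 0x00,
    0xc0, 0x00, 0x02, 0x01, 0xc0, 0x00, 0x02, 0x02,   /* IPv4 header, no options */
    0x9c, 0x40, 0x30, 0x39, 0x00, 0x0c, 0x00, 0x00,   /* UDP header, length 12   */
    0xea, 0x00, 0x00, 0x00                            /* payload                 */
};
/* Constructed sample: a later fragment (fragment offset 1), data only */
static const uint8_t sample_frag[32] = {
    0x45, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x01, 0x40, 0x11, 0x00, 0x00,
    0xc0, 0x00, 0x02, 0x01, 0xc0, 0x00, 0x02, 0x02,
    0xea, 0xea, 0xea, 0xea, 0xea, 0xea, 0xea, 0xea, 0xea, 0xea, 0xea, 0xea
};

int main(void)
{
    printf("udp[4]&234 -> %d\n", udp_byte_test(sample_pkt, sizeof sample_pkt, 4, 234));
    printf("udp[8]&234 -> %d\n", udp_byte_test(sample_pkt, sizeof sample_pkt, 8, 234));
    printf("fragment   -> %d\n", udp_byte_test(sample_frag, sizeof sample_frag, 8, 234));
    return 0;
}
```

Under the header-relative assumption, `udp[4]` is the high byte of the UDP length field, so a test on application data would start at offset 8.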



