Contributed by jose on from the more-mail dept.
"pf aficionados are cordially invited to join the mailing list that deals with any aspect of packet filtering on OpenBSD. Subscribe, grab a chair, and enjoy the discussion while sipping on a martini (shaken, not stirred, of course :).Now is your chance to shape your packet filter! I really should submit some patches I wrote recently ....echo subscribe | pf-request@benzedrine.cxOnline archives: http://www.benzedrine.cx/pf/ http://marc.theaimsgroup.com/?l=openbsd-pf "
(Comments are closed)
By Anonymous Coward () on
By Anonymous Coward () on
By RC () on
In pf, you can drop traffic if it has options you don't like, but what about further filtering? Does anything attempt to verify that a request to an HTTP server is a valid string and not an exploit, or that return traffic is valid, and not a remote shell?
What I'm talking about is traffic normalization, not IDS-style pattern matching. Are there any projects working torwards such a thing?