Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

17 lines (16 sloc) 1.015 kb
- Allow a list of SIDs to have a manually specified target (such as
-j REJECT --reject-with tcp-reset). The list should come from the
command line with a new option and/or be read from a file.
- Make use of the u32 module for complex match criteria.
- Error checking in fwsnort.sh (at least for things like chain creation).
- Print more stats information such as shortest/longest pattern length, etc.
- Command line argument saving similar to fwknop.
- fwsnort init scripts?
- string match application layer offset bugfix (in the kernel).
- Ability to execute other fwsnort scripts from within the main fwsnort.sh
script. This would make it possible to have add a new fwsnort rule for
a specific signature to an existing fwsnort policy without removing
existing rules, or perhaps a new "--policy-add" option is in order.
- Ability to download Emerging Threats rulesets as a .tar.gz so that the
different classtypes can be used (e.g. within --include-type/exclude-type
options, etc.)
Jump to Line
Something went wrong with that request. Please try again.