On Sat, 6 Oct 2001, Kurt Seifried wrote:
Yes, IPTables can inspect packets. Suggestion: get a recent version and check out the "string" keyword.
Cool! I wasn't aware of that.
I quizzed him about it yesterday. The packet filter provided by zeroknowledge (which runs on the windows box) has the capabilities to look into the packets and match against regular expressions provided by the operator, and that was the one that lit up when he started media player.
Moot point, ZK is dead. Dead'er then a flat squirrel.
Rumors of their death have been exaggerated. They no longer provide the anonymous browsing/pseudonymous email service they were known for, but they do still provide their firewall software, including the packet filter.
Something else you can do: use snort to inspect packets and then use a snort add on to block the packets dynamically (not that I strongly advocate this as it can lead to potential DoS).
.... hmmm... bear@www:~>man snort No manual entry for snort bear@www:~>apropos snort snort: nothing appropriate. bear@www:~>rpm -qa | grep snort bear@www:~>info snort [top level directory node of info...] I have 7.1 and installed nearly everything; is snort a part of SuSE new with 7.2, or is it from somewhere else? It sounds very useful. Ray