-
Notifications
You must be signed in to change notification settings - Fork 15
/
TODO
16 lines (16 loc) · 1015 Bytes
/
TODO
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
- Allow a list of SIDs to have a manually specified target (such as
-j REJECT --reject-with tcp-reset). The list should come from the
command line with a new option and/or be read from a file.
- Make use of the u32 module for complex match criteria.
- Error checking in fwsnort.sh (at least for things like chain creation).
- Print more stats information such as shortest/longest pattern length, etc.
- Command line argument saving similar to fwknop.
- fwsnort init scripts?
- string match application layer offset bugfix (in the kernel).
- Ability to execute other fwsnort scripts from within the main fwsnort.sh
script. This would make it possible to have add a new fwsnort rule for
a specific signature to an existing fwsnort policy without removing
existing rules, or perhaps a new "--policy-add" option is in order.
- Ability to download Emerging Threats rulesets as a .tar.gz so that the
different classtypes can be used (e.g. within --include-type/exclude-type
options, etc.)