Fwsnort: Application layer IDS/IPS with iptables
Jan 12, 2011, 16:33 (0 Talkback[s])
[ Thanks to An Anonymous Reader for
this link. ]
"Fwsnort parses the rules files included in the Snort
intrusion detection system and builds an equivalent iptables
ruleset for as many rules as possible.
"Fwsnort utilizes the iptables string match module (together
with a custom patch that adds a --hex-string option to the iptables
user space code which is now integrated with iptables) to detect
application level attacks.
"Fwsnort 1.5 now is available for download. This is a major
release that moves to using the iptables-save format"