Layer7 Rules can close connections?
-
Hi,
I've been trying to filter some http packets that come with this form "GET /0.XXX" and it's filtering the packets very well using this pattern code:http-botnet1
/\x3f0\x2e[0-9].This blocks all the packets, but what I truly want is that if a packet with that form if recived, the connection should be closed.
Is there a way to do that?
-
I say you probably want to look into snort for this sort of stuff
-
IT just blocks the whole connection if a packet that matches is received.
Not whole packets.