On Thu, Aug 02, 2018 at 06:44:26PM +0430, Saber Rezvani wrote: > Dear all, > > > Some of my friends and I have decided to work on Linux community, and > add a new feature to the networking subsystem. We have concluded that > URL filtering with IP/NF tables may be a good feature if we can > implement it in Linux networking subsystem. Because through our research > we found out with the current IP/NF tables since that payload is spread > through several packets, it is not possible. IMHO, this can be easier implemented with help of userspace. This can be nfq-based program(something like https://github.com/lego12239/trfl), that assembles tcp session packets and mark matched connections for blocking. > First of all, I am eagerly looking forward to having your opinion about > this feature? Secondly, how could possibly we assure that community will > accept this feature? You know we want to have a contribution for the > community. Do you think this feature will be useful now? For example, filtering uri in https isn't possible and http using is decreasing now. -- Олег Неманов (Oleg Nemanov) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
