The Netfilter String Match Extension is back!
20 November, 2005
The Fwsnort project translates
Snort rules into equivalent Netfilter rules in the Linux kernel, and relies heavily
on the Netfilter string match extension to match application layer data against
malicious content strings. The string match extension is available once again with
the release of the 2.6.14 Linux kernel (it was not available in any 2.6.x kernel
until now). If you want to be able to run a decent percentage of Snort rules
directly within the Linux kernel without having to run Snort at all,
download Fwsnort!
