diff options
| author | James <> | 2013-03-17 12:16:37 +0000 |
|---|---|---|
| committer | James <> | 2013-03-17 12:16:37 +0000 |
| commit | 27b76ab0671089c47506615a796a261e993896a7 (patch) | |
| tree | 61213d67e7fa87b20356b23798558e2c4212c42f /package/network/utils/iptables/files/l7/ssl.pat | |
| download | trunk-36060-master.tar.gz trunk-36060-master.tar.bz2 trunk-36060-master.zip | |
Diffstat (limited to 'package/network/utils/iptables/files/l7/ssl.pat')
| -rw-r--r-- | package/network/utils/iptables/files/l7/ssl.pat | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/package/network/utils/iptables/files/l7/ssl.pat b/package/network/utils/iptables/files/l7/ssl.pat new file mode 100644 index 0000000..ae30ee4 --- /dev/null +++ b/package/network/utils/iptables/files/l7/ssl.pat @@ -0,0 +1,16 @@ +# SSL and TLS - Secure Socket Layer / Transport Layer Security - RFC 2246 +# Pattern attributes: good notsofast fast superset +# Protocol groups: secure ietf_proposed_standard +# Wiki: http://www.protocolinfo.org/wiki/SSL +# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE +# +# Usually runs on port 443 +# +# This is a superset of validcertssl. For it to match, it must be first. +# +# This pattern has been tested and is believed to work well. + +ssl +# Server Hello with certificate | Client Hello +# This allows SSL 3.X, which includes TLS 1.0, known internally as SSL 3.1 +^(.?.?\x16\x03.*\x16\x03|.?.?\x01\x03\x01?.*\x0b) |