diff options
author | Renato Botelho <renato@netgate.com> | 2015-08-25 08:08:24 -0300 |
---|---|---|
committer | Renato Botelho <renato@netgate.com> | 2015-08-25 14:49:54 -0300 |
commit | 46bc6e545a17e77202aaf01ec0cd8d5a46567525 (patch) | |
tree | 32d18dda436ec739c67c489ceb771e8629cd926f /src/usr/local/share/protocols/snmp-mon.pat | |
parent | 4d9801c2dbd2b3e54a39578ee62b93af66607227 (diff) | |
download | pfsense-46bc6e545a17e77202aaf01ec0cd8d5a46567525.zip pfsense-46bc6e545a17e77202aaf01ec0cd8d5a46567525.tar.gz |
Move main pfSense content to src/
Diffstat (limited to 'src/usr/local/share/protocols/snmp-mon.pat')
-rw-r--r-- | src/usr/local/share/protocols/snmp-mon.pat | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/src/usr/local/share/protocols/snmp-mon.pat b/src/usr/local/share/protocols/snmp-mon.pat new file mode 100644 index 0000000..fe22662 --- /dev/null +++ b/src/usr/local/share/protocols/snmp-mon.pat @@ -0,0 +1,32 @@ +# SNMP Monitoring - Simple Network Management Protocol (RFC1157) +# Pattern attributes: good veryfast fast subset +# Protocol groups: networking ietf_internet_standard +# Wiki: http://en.wikipedia.org/wiki/SNMP +# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE +# +# Usually runs on UDP ports 161 +# +# These filters match SNMPv1 packets without fail, and are made +# as specific as possible not to match any ASN.1 encoded protocols. +# However these could still be matched by other protocols that +# use ASN.1 encoding + +# Contributed by Goli SriSairam <goli_sai AT yahoo.com> + +# This pattern has been tested and is believe to work well. +# +# To get or provide more information about this protocol and/or pattern: +# http://www.protocolinfo.org/wiki/SNMP +# http://lists.sourceforge.net/lists/listinfo/l7-filter-developers + +# SNMPv1 GET/GETNEXT/SET request and response +# matches SNMP header +# version \x02\x01 +# community \x04.+ +# PDU type [\xa0-\xa3] (GET/GETNEXT/SET/GETRESPONSE) +# RequestId \x02[\x01-\x04].?.?.?.? +# errorStatus \x02\x01.? +# errorIndex \x02\x01.? +# varbinds start \x30 +snmp-mon +^\x02\x01\x04.+[\xa0-\xa3]\x02[\x01-\x04].?.?.?.?\x02\x01.?\x02\x01.?\x30 |