diff options
Diffstat (limited to 'src/usr/local/share/protocols/nntp.pat')
-rw-r--r-- | src/usr/local/share/protocols/nntp.pat | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/src/usr/local/share/protocols/nntp.pat b/src/usr/local/share/protocols/nntp.pat new file mode 100644 index 0000000..7a30578 --- /dev/null +++ b/src/usr/local/share/protocols/nntp.pat @@ -0,0 +1,21 @@ +# NNTP - Network News Transfer Protocol - RFCs 977 and 2980 +# Pattern attributes: good fast fast +# Protocol groups: ietf_proposed_standard +# Wiki: http://www.protocolinfo.org/wiki/NNTP +# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE +# +# usually runs on port 119 + +# This pattern is tested and is believed to work well (but could use +# more testing). + +nntp +# matches authorized login +# OR +# matches unauthorized login if the server says "news" after 200/201 +# (Half of the 2 servers I tested did :-), but they both required authorization +# so it's quite possible that this pattern will miss some nntp traffic.) +^(20[01][\x09-\x0d -~]*AUTHINFO USER|20[01][\x09-\x0d -~]*news) + +# same thing, slightly more accurate, but 100+ times slower +#^20[01][\x09-\x0d -~]*\x0d\x0a[\x09-\x0d -~]*AUTHINFO USER|20[01][\x09-\x0d -~]*news |