From 46bc6e545a17e77202aaf01ec0cd8d5a46567525 Mon Sep 17 00:00:00 2001
From: Renato Botelho <renato@netgate.com>
Date: Tue, 25 Aug 2015 08:08:24 -0300
Subject: Move main pfSense content to src/

---
 src/usr/local/share/protocols/telnet.pat | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 src/usr/local/share/protocols/telnet.pat

(limited to 'src/usr/local/share/protocols/telnet.pat')

diff --git a/src/usr/local/share/protocols/telnet.pat b/src/usr/local/share/protocols/telnet.pat
new file mode 100644
index 0000000..cf10d0e
--- /dev/null
+++ b/src/usr/local/share/protocols/telnet.pat
@@ -0,0 +1,16 @@
+# Telnet - Insecure remote login - RFC 854
+# Pattern attributes: good veryfast fast
+# Protocol groups: remote_access obsolete ietf_internet_standard
+# Wiki: http://www.protocolinfo.org/wiki/Telnet
+# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE
+#
+# Usually runs on port 23
+#
+# This pattern is lightly tested.
+
+telnet
+# Matches at least three IAC (Do|Will|Don't|Won't) commands in a row.  
+# My telnet client sends 9 when I connect, so this should be fine.
+# This pattern could fail on a unchatty connection or it could be 
+# matched by something non-telnet spewing a lot of stuff in the fb-ff range.
+^\xff[\xfb-\xfe].\xff[\xfb-\xfe].\xff[\xfb-\xfe]
-- 
cgit v1.1