The Netfilter String Match Extension is back!
20 November, 2005
The Fwsnort project translates Snort rules into equivalent Netfilter rules in the Linux kernel, and relies heavily on the Netfilter string match extension to match application layer data against malicious content strings. The string match extension is available once again with the release of the 2.6.14 Linux kernel (it was not available in any 2.6.x kernel until now). If you want to be able to run a decent percentage of Snort rules directly within the Linux kernel without having to run Snort at all, download Fwsnort!