1
0
mirror of git://projects.qi-hardware.com/openwrt-xburst.git synced 2024-12-31 00:44:35 +02:00
openwrt-xburst/package/iptables/files/l7/ssl.pat
hauke 398b94811b [iptables] Update layer7 rules
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@15544 3c298f89-4303-0410-b956-a3cf2f4a3e73
2009-05-01 15:20:34 +00:00

17 lines
631 B
Plaintext

# SSL and TLS - Secure Socket Layer / Transport Layer Security - RFC 2246
# Pattern attributes: good notsofast fast superset
# Protocol groups: secure ietf_proposed_standard
# Wiki: http://www.protocolinfo.org/wiki/SSL
# Copyright (C) 2008 Matthew Strait, Ethan Sommer; See ../LICENSE
#
# Usually runs on port 443
#
# This is a superset of validcertssl. For it to match, it must be first.
#
# This pattern has been tested and is believed to work well.
ssl
# Server Hello with certificate | Client Hello
# This allows SSL 3.X, which includes TLS 1.0, known internally as SSL 3.1
^(.?.?\x16\x03.*\x16\x03|.?.?\x01\x03\x01?.*\x0b)