Application proxy conclusions


IDS/IPS
I'm planning a PF-friendly "ipsd" for years now, PoC code exists...
...but I never had the priority or time to finish it.
Implementing an IPS is hard.
So we have to live with Snort (or Bro).

We didn't really care about application layer filtering in the past, but a better integration of PF and userland proxies is slowly turning into a very good framework.

Everything became faster, especially with the modern PF.