Forum OpenACS Q&A: Response to How to bypass rp_filter: Nimba Worm

Posted by Tom Jackson on

The problem was that I wasn't catching all the worms, only those matching /scripts/*. Replacing the filter glob to /*.exe, allowed me to catch all worm attempts. If you are using my filter, or the original by Jim, I would recommend the change. Also, if you are using ACS, you must use a trace filter as well, otherwise you will run the risk of numerous db errors showing up in your log file. The global var I used probably isn't necessary.