No, pf cannot filter on text content. That would be what is called deep inspection.
If the script kiddies mess around with the webserver you would need an application firewall like mod_security
See http://en.wikipedia.org/wiki/Firewall_%28computing%29 for information about the OSI levels a packet filter operates.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|