- Allow a list of SIDs to have a manually specified target (such as
   -j REJECT --reject-with tcp-reset).  The list should come from the
   command line with a new option and/or be read from a file.
 - Make use of the u32 module for complex match criteria.
 - Error checking in fwsnort.sh (at least for things like chain creation).
 - Print more stats information such as shortest/longest pattern length, etc.
 - Command line argument saving similar to fwknop.
 - fwsnort init scripts?
 - string match application layer offset bugfix (in the kernel).
 - Ability to execute other fwsnort scripts from within the main fwsnort.sh
   script.  This would make it possible to have add a new fwsnort rule for
   a specific signature to an existing fwsnort policy without removing
   existing rules, or perhaps a new "--policy-add" option is in order.
 - Ability to download Emerging Threats rulesets as a .tar.gz so that the
   different classtypes can be used (e.g. within --include-type/exclude-type
   options, etc.)