Re: ipt_string problems and FAQ

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Sven Riedel <sr@gimp.org>
To: netfilter@lists.netfilter.org
Subject: Re: ipt_string problems and FAQ
Date: Wed, 3 Sep 2003 10:43:52 +0200	[thread overview]
Message-ID: <20030903084352.GB5028@localnet> (raw)
In-Reply-To: <Pine.LNX.4.51.0309011300560.32229@dns.toxicfilms.tv>

On Mon, Sep 01, 2003 at 01:03:48PM +0200, Maciej Soltysiak wrote:
> Hi,
> > ask where this FAQ entry is...
> http://www.netfilter.org/documentation/FAQ/netfilter-faq-3.html#ss3.14

Ok, slightly off topic to this thread, but I still need to know from
that faq entry:
QUOTE
Please do not use the string match from patch-o-matic instead of
application proxy filtering. It would be defeated anytime by fragmented
packets (i.e. an HTTP request split on two TCP packets), 
ENDQUOTE

I thought iptables collects all fragments and reassembles the packet
before applying any rules? Or am I dead wrong here? 

Regs,
Sven
-- 
Sven Riedel                      sr@gimp.org
Liebigstr. 38 
30163 Hannover                  "Python is merely Perl for those who
                                 prefer Pascal to C" (anon)

next prev parent reply	other threads:[~2003-09-03  8:43 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-08-27 17:19 ipt_string problems and FAQ Tabris
2003-09-01  1:41 ` cc
2003-09-01 11:03 ` Maciej Soltysiak
2003-09-01 12:21   ` Tabris
2003-09-04 18:28     ` Michael
2003-09-03  8:43   ` Sven Riedel [this message]
2003-09-03 13:16     ` Ralf Spenneberg

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20030903084352.GB5028@localnet \
    --to=sr@gimp.org \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.