* STring Replacement Patch [Quick Response]
@ 2005-12-29 10:42 Noman Liaquat
2005-12-29 11:43 ` Pablo Neira Ayuso
2005-12-29 16:30 ` STring Replacement Patch [Quick Response] Richard Pickett
0 siblings, 2 replies; 6+ messages in thread
From: Noman Liaquat @ 2005-12-29 10:42 UTC (permalink / raw)
To: m.d.berger, pablo, george.john
Cc: netfilter-devel, rob, khankhn1, mbr, ishwar, netfilter
I have downloaded the version of patch-o-matic-ng
from netfilter websites and now my patch of string
controlling is working, below command is the proof of
that
#iptables -A FORWARD -m string --algo bm --string
"hello" -j DROP
ok that is fine. is there any way to alter that
packet. to replace--string
is there any patch available, if yes so how i can
implement that patch.
I am using kernel 2.6.14.4 and latest patch-o-matic-ng
from svn repository of netfilter website. i am using
RedHat Enterprise Linux version#4(ES).
this is the websites
http://www.cipherdyne.org/fwsnort/
here iptables are providing --replace-string it is not
working fine giving errors to me.
I am waiting for quick response.
Regards
noman
__________________________________
Yahoo! for Good - Make a difference this year.
http://brand.yahoo.com/cybergivingweek2005/
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: STring Replacement Patch [Quick Response]
2005-12-29 10:42 STring Replacement Patch [Quick Response] Noman Liaquat
@ 2005-12-29 11:43 ` Pablo Neira Ayuso
2005-12-29 15:07 ` Problem in patch-o-matic-ng Amresh Kumar
2005-12-29 16:30 ` STring Replacement Patch [Quick Response] Richard Pickett
1 sibling, 1 reply; 6+ messages in thread
From: Pablo Neira Ayuso @ 2005-12-29 11:43 UTC (permalink / raw)
To: Noman Liaquat; +Cc: netfilter-devel, rob, george.john, mbr, ishwar, netfilter
Noman Liaquat wrote:
> I have downloaded the version of patch-o-matic-ng
> from netfilter websites and now my patch of string
> controlling is working, below command is the proof of
> that
the string match is available since kernel 2.6.14, so you don't need
pom-ng in any way.
> #iptables -A FORWARD -m string --algo bm --string
> "hello" -j DROP
>
> ok that is fine. is there any way to alter that
> packet. to replace--string
> is there any patch available, if yes so how i can
> implement that patch.
No, this functionality isn't implemented yet: The only sane way to do
this that I see at the moment is implementing a target called `STRING'.
Matches don't allow packet modifications. See the API requirements:
static int match(const struct sk_buff *skb, ...)
^^^
So, such target must implement the same features than the current
`string' match does plus the --replace-string thing.
--
Pablo
^ permalink raw reply [flat|nested] 6+ messages in thread* Problem in patch-o-matic-ng
2005-12-29 11:43 ` Pablo Neira Ayuso
@ 2005-12-29 15:07 ` Amresh Kumar
0 siblings, 0 replies; 6+ messages in thread
From: Amresh Kumar @ 2005-12-29 15:07 UTC (permalink / raw)
To: netfilter
Hello to all,
I have downloaded the latest version of patch-o-matic-ng. from netfilter
websites,also svn checkout for update and now my patch of random and nth
patch for load balancing , I have applied the following commands
1. iptables -A PREROUTING -i eth0 -p tcp --dport 80 -m state --state NEW
-m nth --counter 0 \
--every 4 --packet 0 -j DNAT --to-destination 192.168.0.5:80
2. -A PREROUTING -i eth0 -p tcp --dport 80 -m state --state NEW -m random
--average 25 \
-j DNAT --to-destination 192.168.0.5:80
But i am getting the following error
iptables: No chain/target/match by that name.
My iptable version is iptables-1.3.4 , Kernel version linux-2.6.14.4
For this i have first applied random and nth patch rule from patch-o-matic.
after that recompile my kernel with iptables.
plz help me ..
Thanks in advance.
_________________________________________________________________
NRIs, paying for Money Transfers to India? Use Money2India. It’s FREE
http://creative.mediaturf.net/creatives/msn_product.htm
^ permalink raw reply [flat|nested] 6+ messages in thread
* RE: STring Replacement Patch [Quick Response]
2005-12-29 10:42 STring Replacement Patch [Quick Response] Noman Liaquat
2005-12-29 11:43 ` Pablo Neira Ayuso
@ 2005-12-29 16:30 ` Richard Pickett
2005-12-30 17:47 ` /dev/rob0
1 sibling, 1 reply; 6+ messages in thread
From: Richard Pickett @ 2005-12-29 16:30 UTC (permalink / raw)
To: 'Noman Liaquat', netfilter
> this is the websites
> http://www.cipherdyne.org/fwsnort/
>
> here iptables are providing --replace-string it is not
> working fine giving errors to me.
Hmmmm. Did you read that site yourself? Did you follow the instructions
on that site for getting --replace-string to work? Or did you just glaze
over that site and come back here and post to us?
> I am waiting for quick response.
You are pushy and impatient.
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2006-01-01 9:31 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-12-29 10:42 STring Replacement Patch [Quick Response] Noman Liaquat
2005-12-29 11:43 ` Pablo Neira Ayuso
2005-12-29 15:07 ` Problem in patch-o-matic-ng Amresh Kumar
2005-12-29 16:30 ` STring Replacement Patch [Quick Response] Richard Pickett
2005-12-30 17:47 ` /dev/rob0
2006-01-01 9:31 ` Richard Pickett
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.