* IPtables l7 string
@ 2007-04-12 4:39 Stephan Higuti
2007-04-12 12:41 ` Ethy H. Brito
2007-04-12 12:54 ` Pablo Neira Ayuso
0 siblings, 2 replies; 5+ messages in thread
From: Stephan Higuti @ 2007-04-12 4:39 UTC (permalink / raw)
To: netfilter
Hello, anybody can help me with this:
osiris:~# iptables -t filter -A FORWARD -m string --string "orkut" -j DROP
iptables v1.3.4: STRING match: You must specify `--algo'
Try `iptables -h' or 'iptables --help' for more information.
--algo?
What's?
Best Regards
Stephan
--
---------------------------------------------------------------------
Stephan Higuti
MSN: higutisam@hotmail.com
Email: higuti.sam@gmail.com
---------------------------------------------------------------------
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: IPtables l7 string
2007-04-12 4:39 IPtables l7 string Stephan Higuti
@ 2007-04-12 12:41 ` Ethy H. Brito
[not found] ` <3da957060704120912s3719b9bcs56d426ce771a5060@mail.gmail.com>
2007-04-12 12:54 ` Pablo Neira Ayuso
1 sibling, 1 reply; 5+ messages in thread
From: Ethy H. Brito @ 2007-04-12 12:41 UTC (permalink / raw)
To: Stephan Higuti; +Cc: netfilter
On Thu, 12 Apr 2007 01:39:53 -0300
"Stephan Higuti" <higuti.sam@gmail.com> wrote:
> Hello, anybody can help me with this:
>
> osiris:~# iptables -t filter -A FORWARD -m string --string "orkut" -j DROP
> iptables v1.3.4: STRING match: You must specify `--algo'
from iptables man page:
--algo bm|kmp
Select the pattern matching strategy. (bm = Boyer-Moore,
kmp = Knuth-Pratt-Morris)
Ethy
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: IPtables l7 string
2007-04-12 4:39 IPtables l7 string Stephan Higuti
2007-04-12 12:41 ` Ethy H. Brito
@ 2007-04-12 12:54 ` Pablo Neira Ayuso
2007-04-12 16:12 ` Stephan Higuti
1 sibling, 1 reply; 5+ messages in thread
From: Pablo Neira Ayuso @ 2007-04-12 12:54 UTC (permalink / raw)
To: Stephan Higuti; +Cc: netfilter
Stephan Higuti wrote:
> Hello, anybody can help me with this:
>
> osiris:~# iptables -t filter -A FORWARD -m string --string "orkut" -j DROP
> iptables v1.3.4: STRING match: You must specify `--algo'
> Try `iptables -h' or 'iptables --help' for more information.
>
> --algo?
>
> What's?
$ man iptables
--algo bm|kmp
Select the pattern matching strategy. (bm = Boyer-Moore, kmp =
Knuth-Pratt-Morris)
--
The dawn of the fourth age of Linux firewalling is coming; a time of
great struggle and heroic deeds -- J.Kadlecsik got inspired by J.Morris
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: IPtables l7 string
2007-04-12 12:54 ` Pablo Neira Ayuso
@ 2007-04-12 16:12 ` Stephan Higuti
0 siblings, 0 replies; 5+ messages in thread
From: Stephan Higuti @ 2007-04-12 16:12 UTC (permalink / raw)
To: netfilter
> from iptables man page:
>
> --algo bm|kmp
> Select the pattern matching strategy. (bm = Boyer-Moore,
> kmp = Knuth-Pratt-Morris)
>
> Ethy
So, should i use --algo bm or --algo kmp right?
Wich is better?
--
---------------------------------------------------------------------
Stephan Higuti
MSN: higutisam@hotmail.com
Email: higuti.sam@gmail.com
---------------------------------------------------------------------
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: IPtables l7 string
[not found] ` <3da957060704120912s3719b9bcs56d426ce771a5060@mail.gmail.com>
@ 2007-04-12 19:29 ` Ethy H. Brito
0 siblings, 0 replies; 5+ messages in thread
From: Ethy H. Brito @ 2007-04-12 19:29 UTC (permalink / raw)
To: Stephan Higuti; +Cc: netfilter
On Thu, 12 Apr 2007 13:12:22 -0300
"Stephan Higuti" <higuti.sam@gmail.com> wrote:
> > from iptables man page:
> >
> > --algo bm|kmp
> > Select the pattern matching strategy. (bm = Boyer-Moore,
> > kmp = Knuth-Pratt-Morris)
> >
> > Ethy
>
> So, should i use --algo bm or --algo kmp right?
> Wich is better?
Depends on what you are triyng to achieve.
Take some time to read the first lines from lib/ts_bm.c and lib/ts_kmp.c
under kernel tree.
The answer is there (I think!).
Ethy
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2007-04-12 19:29 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-04-12 4:39 IPtables l7 string Stephan Higuti
2007-04-12 12:41 ` Ethy H. Brito
[not found] ` <3da957060704120912s3719b9bcs56d426ce771a5060@mail.gmail.com>
2007-04-12 19:29 ` Ethy H. Brito
2007-04-12 12:54 ` Pablo Neira Ayuso
2007-04-12 16:12 ` Stephan Higuti
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.