* [PATCH] iptables: libxt_string.man add example
@ 2013-08-23 6:41 Laurence J. Lane
2013-08-23 19:38 ` Laurence J. Lane
0 siblings, 1 reply; 7+ messages in thread
From: Laurence J. Lane @ 2013-08-23 6:41 UTC (permalink / raw)
To: netfilter-devel; +Cc: Laurence J. Lane
Show delimeters for hex string pattern.
http://bugs.debian.org/699904
Signed-off-by: Laurence J. Lane <ljlane@debian.org>
---
extensions/libxt_string.man | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/extensions/libxt_string.man b/extensions/libxt_string.man
index b6b271d..ebea1d3 100644
--- a/extensions/libxt_string.man
+++ b/extensions/libxt_string.man
@@ -16,3 +16,10 @@ Matches the given pattern.
.TP
[\fB!\fP] \fB\-\-hex\-string\fP \fIpattern\fP
Matches the given pattern in hex notation.
+.TP
+Example:
+.PP
+ Log HTTP GET requests for /test:
+.PP
+ iptables \-A INPUT \-p tcp \-\-dport 80 \-m string \-\-algo bm \-\-string 'GET /test' \-j LOG
+ iptables \-A INPUT \-p tcp \-\-dport 80 \-m string \-\-algo bm \-\-hex\-string '|474554202F74657374|' \-j LOG
--
1.8.4.rc3
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH] iptables: libxt_string.man add example
2013-08-23 6:41 [PATCH] iptables: libxt_string.man add example Laurence J. Lane
@ 2013-08-23 19:38 ` Laurence J. Lane
2013-08-23 20:55 ` [PATCH v2] " Laurence J. Lane
0 siblings, 1 reply; 7+ messages in thread
From: Laurence J. Lane @ 2013-08-23 19:38 UTC (permalink / raw)
To: Netfilter Development Mailinglist
The markup is wrong.
On Fri, Aug 23, 2013 at 2:41 AM, Laurence J. Lane <ljlane@debian.org> wrote:
> Show delimeters for hex string pattern.
>
> http://bugs.debian.org/699904
>
> Signed-off-by: Laurence J. Lane <ljlane@debian.org>
> ---
> extensions/libxt_string.man | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/extensions/libxt_string.man b/extensions/libxt_string.man
> index b6b271d..ebea1d3 100644
> --- a/extensions/libxt_string.man
> +++ b/extensions/libxt_string.man
> @@ -16,3 +16,10 @@ Matches the given pattern.
> .TP
> [\fB!\fP] \fB\-\-hex\-string\fP \fIpattern\fP
> Matches the given pattern in hex notation.
> +.TP
> +Example:
> +.PP
> + Log HTTP GET requests for /test:
> +.PP
> + iptables \-A INPUT \-p tcp \-\-dport 80 \-m string \-\-algo bm \-\-string 'GET /test' \-j LOG
> + iptables \-A INPUT \-p tcp \-\-dport 80 \-m string \-\-algo bm \-\-hex\-string '|474554202F74657374|' \-j LOG
> --
> 1.8.4.rc3
>
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH v2] iptables: libxt_string.man add example
2013-08-23 19:38 ` Laurence J. Lane
@ 2013-08-23 20:55 ` Laurence J. Lane
2013-08-24 10:00 ` Florian Westphal
0 siblings, 1 reply; 7+ messages in thread
From: Laurence J. Lane @ 2013-08-23 20:55 UTC (permalink / raw)
To: netfilter-devel; +Cc: Laurence J. Lane
Show use of hex pattern delimeters.
http://bugs.debian.org/699904
Signed-off-by: Laurence J. Lane <ljlane@debian.org>
---
extensions/libxt_string.man | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/extensions/libxt_string.man b/extensions/libxt_string.man
index b6b271d..ab395b2 100644
--- a/extensions/libxt_string.man
+++ b/extensions/libxt_string.man
@@ -16,3 +16,9 @@ Matches the given pattern.
.TP
[\fB!\fP] \fB\-\-hex\-string\fP \fIpattern\fP
Matches the given pattern in hex notation.
+.TP
+Example: log HTTP GET requests for /test using string and hex string patterns
+.IP
+iptables \-A INPUT \-p tcp \-\-dport 80 \-m string \-\-algo bm \-\-string 'GET /test' \-j LOG
+.IP
+iptables \-A INPUT \-p tcp \-\-dport 80 \-m string \-\-algo bm \-\-hex\-string '|474554202F74657374|' \-j LOG
--
1.8.4.rc3
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH v2] iptables: libxt_string.man add example
2013-08-23 20:55 ` [PATCH v2] " Laurence J. Lane
@ 2013-08-24 10:00 ` Florian Westphal
2013-08-24 21:37 ` [PATCH v3] iptables: libxt_string.man add examples Laurence J. Lane
0 siblings, 1 reply; 7+ messages in thread
From: Florian Westphal @ 2013-08-24 10:00 UTC (permalink / raw)
To: Laurence J. Lane; +Cc: netfilter-devel
Laurence J. Lane <ljlane@debian.org> wrote:
> diff --git a/extensions/libxt_string.man b/extensions/libxt_string.man
> index b6b271d..ab395b2 100644
> --- a/extensions/libxt_string.man
> +++ b/extensions/libxt_string.man
> @@ -16,3 +16,9 @@ Matches the given pattern.
> .TP
> [\fB!\fP] \fB\-\-hex\-string\fP \fIpattern\fP
> Matches the given pattern in hex notation.
> +.TP
> +Example: log HTTP GET requests for /test using string and hex string patterns
> +.IP
> +iptables \-A INPUT \-p tcp \-\-dport 80 \-m string \-\-algo bm \-\-string 'GET /test' \-j LOG
> +.IP
> +iptables \-A INPUT \-p tcp \-\-dport 80 \-m string \-\-algo bm \-\-hex\-string '|474554202F74657374|' \-j LOG
The second example doesn't make much sense to me, IMHO, since there is
no reason to use hex instead of ascii for this.
What about something like
-p udp --dport 53 -m string --algo bm --from 40 --to 57 --hex-string '|03|www|09|netfilter|03|org|00|'
?
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH v3] iptables: libxt_string.man add examples
2013-08-24 10:00 ` Florian Westphal
@ 2013-08-24 21:37 ` Laurence J. Lane
2013-08-24 21:44 ` [PATCH v4] " Laurence J. Lane
2013-08-24 21:51 ` [PATCH v3] " Florian Westphal
0 siblings, 2 replies; 7+ messages in thread
From: Laurence J. Lane @ 2013-08-24 21:37 UTC (permalink / raw)
To: netfilter-devel; +Cc: Laurence J. Lane
Add usage examples for string and hex string patterns.
Reference: http://bugs.debian.org/699904
Signed-off-by: Laurence J. Lane <ljlane@debian.org>
---
extensions/libxt_string.man | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/extensions/libxt_string.man b/extensions/libxt_string.man
index b6b271d..3a2fa08 100644
--- a/extensions/libxt_string.man
+++ b/extensions/libxt_string.man
@@ -16,3 +16,13 @@ Matches the given pattern.
.TP
[\fB!\fP] \fB\-\-hex\-string\fP \fIpattern\fP
Matches the given pattern in hex notation.
+.TP
+Examples:
+.IP
+# The string pattern can be used for simple text characaters.
+.br
+iptables \-A INPUT \-p tcp \-\-dport 80 \-m string \-\-algo bm \-\-string 'GET /index.html' \-j LOG
+.IP
+# The hex string pattern can be used for non-printable characaters, like |0D 0A| or |0D0A|.
+.br
+iptables \-p udp \-\-dport 53 \-m string \-\-algo bm \-\-from 40 \-\-to 57 \-\-hex\-string '|03|www|09|netfilter|03|org|00|'
--
1.8.4.rc3
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH v4] iptables: libxt_string.man add examples
2013-08-24 21:37 ` [PATCH v3] iptables: libxt_string.man add examples Laurence J. Lane
@ 2013-08-24 21:44 ` Laurence J. Lane
2013-08-24 21:51 ` [PATCH v3] " Florian Westphal
1 sibling, 0 replies; 7+ messages in thread
From: Laurence J. Lane @ 2013-08-24 21:44 UTC (permalink / raw)
To: netfilter-devel; +Cc: Laurence J. Lane
Add usage examples for string and hex string patterns.
Reference: http://bugs.debian.org/699904
Signed-off-by: Laurence J. Lane <ljlane@debian.org>
---
extensions/libxt_string.man | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/extensions/libxt_string.man b/extensions/libxt_string.man
index b6b271d..78cfafb 100644
--- a/extensions/libxt_string.man
+++ b/extensions/libxt_string.man
@@ -16,3 +16,13 @@ Matches the given pattern.
.TP
[\fB!\fP] \fB\-\-hex\-string\fP \fIpattern\fP
Matches the given pattern in hex notation.
+.TP
+Examples:
+.IP
+# The string pattern can be used for simple text characaters.
+.br
+iptables \-A INPUT \-p tcp \-\-dport 80 \-m string \-\-algo bm \-\-string 'GET /index.html' \-j LOG
+.IP
+# The hex string pattern can be used for non-printable characaters, like |0D 0A| or |0D0A|.
+.br
+iptables \-p udp \-\-dport 53 \-m string \-\-algo bm \-\-from 40 \-\-to 57 \-\-hex\-string '|03|www|09|netfilter|03|org|00|' \-j LOG
--
1.8.4.rc3
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH v3] iptables: libxt_string.man add examples
2013-08-24 21:37 ` [PATCH v3] iptables: libxt_string.man add examples Laurence J. Lane
2013-08-24 21:44 ` [PATCH v4] " Laurence J. Lane
@ 2013-08-24 21:51 ` Florian Westphal
1 sibling, 0 replies; 7+ messages in thread
From: Florian Westphal @ 2013-08-24 21:51 UTC (permalink / raw)
To: Laurence J. Lane; +Cc: netfilter-devel
Laurence J. Lane <ljlane@debian.org> wrote:
> Add usage examples for string and hex string patterns.
>
> Reference: http://bugs.debian.org/699904
> Signed-off-by: Laurence J. Lane <ljlane@debian.org>
applied, thanks for updating.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2013-08-24 21:51 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-08-23 6:41 [PATCH] iptables: libxt_string.man add example Laurence J. Lane
2013-08-23 19:38 ` Laurence J. Lane
2013-08-23 20:55 ` [PATCH v2] " Laurence J. Lane
2013-08-24 10:00 ` Florian Westphal
2013-08-24 21:37 ` [PATCH v3] iptables: libxt_string.man add examples Laurence J. Lane
2013-08-24 21:44 ` [PATCH v4] " Laurence J. Lane
2013-08-24 21:51 ` [PATCH v3] " Florian Westphal
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).