* iptables v1.3.4: STRING match: You must specify `--algo'
From: Jasbir Khehra @ 2005-11-07 12:38 UTC
To: pablo, netfilter

Hi,
while running this command

# iptables -t nat -I PREROUTING -p tcp -s 192.168.2.20 -m string --hex-string '0d0a0d0a594d5347' -j REJECT

Not able to get the different options for '--algo' parameter.
Kernel 2.6.14 iptables v1.3.4

thanks
- Jasbir

* Re: iptables v1.3.4: STRING match: You must specify `--algo'
From: Pablo Neira @ 2005-11-08 1:01 UTC
To: jasbir.k; +Cc: netfilter

Jasbir Khehra wrote:
> Hi,
> while running this command
> # iptables -t nat -I PREROUTING -p tcp -s 192.168.2.20 -m string
> --hex-string '0d0a0d0a594d5347' -j REJECT
>
> Not able to get the different options for '--algo' parameter.
> Kernel 2.6.14 iptables v1.3.4 thanks - Jasbir

--algo [bm|kmp]

bm: Boyer-Moore
kmp: Knuth-Pratt-Morris

Those are the algorithms implemented at the moment.

BTW, you should do that in the raw table, not nat. Nobody should use the
nat table for filtering purposes.

--
Pablo

* Re: iptables v1.3.4: STRING match: You must specify `--algo'
From: Pablo Neira @ 2005-11-12 12:03 UTC
To: Jasbir Khehra; +Cc: netfilter

Jasbir Khehra wrote:
> On 11/8/05, *Pablo Neira* <pablo@eurodev.net> wrote:
>
>     Jasbir Khehra wrote:
>     > Hi,
>     > while running this command
>     > # iptables -t nat -I PREROUTING -p tcp -s 192.168.2.20 -m string
>     > --hex-string '0d0a0d0a594d5347' -j REJECT
>     >
>     > Not able to get the different options for '--algo' parameter.
>     > Kernel 2.6.14 iptables v1.3.4 thanks - Jasbir
>
>     --algo [bm|kmp]
>
>     bm: Boyer-Moore
>     kmp: Knuth-Pratt-Morris
>
>     Those are the algorithms implemented at the moment.
>
>     BTW, you should do that in the raw table, not nat. Nobody should use the
>     nat table for filtering purposes.
>
>     --
>     Pablo
>
> Thanks Pablo for the reply and the "string" module :) . I redefined my
> rule now and after some googling found the right syntax for using the
> "--hex-string"
> # iptables -t raw -A PREROUTING -s $source_ip -m string --algo bm
> --hex-string "|0d 0a 59 4d 53 47|" -j DROP
> What's the initial position/counter for the "--from" parameter, 0 or 1,
> and does it start from the IP header?

Yes, the IP header. Use --from 0 for the initial position.

--
Pablo
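
An added example, not part of the thread: a simplified Python model of how the `|..|` hex-string syntax becomes pattern bytes, and of where a match sits when offsets are counted from the IP header as the reply above states. The function names, the packet and its payload are constructed for illustration, and the real parser's backslash escape is left out.

```python
import struct

def parse_hex_string(spec: str) -> bytes:
    """Simplified model of the --hex-string syntax: text between '|' is hex
    (spaces ignored), everything else is taken as literal characters."""
    out, in_hex, pair = bytearray(), False, ""
    for ch in spec:
        if ch == "|":
            if pair:
                raise ValueError("odd number of hex digits")
            in_hex = not in_hex
        elif not in_hex:
            out += ch.encode("latin-1")
        elif ch != " ":
            pair += ch
            if len(pair) == 2:
                out.append(int(pair, 16))
                pair = ""
    if in_hex:
        raise ValueError("unterminated '|' section")
    return bytes(out)

def build_packet(payload: bytes) -> bytes:
    """Constructed IPv4 + TCP packet (no options, checksums left at 0)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     bytes([192, 168, 2, 20]), bytes([192, 0, 2, 1]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 12345, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    return ip + tcp + payload

def first_match(packet: bytes, pattern: bytes, from_offset: int = 0):
    """Offset of the first match counted from byte 0 of the IP header, or None."""
    idx = packet.find(pattern, from_offset)
    return None if idx < 0 else idx

PACKET = build_packet(b"HELLO\r\nYMSG\x00\x10")  # constructed sample payload

if __name__ == "__main__":
    for spec in ("0d0a0d0a594d5347", "|0d0a0d0a594d5347|", "|0d 0a 59 4d 53 47|"):
        pat = parse_hex_string(spec)
        print(f"{spec!r:24} -> {pat!r:22} match at {first_match(PACKET, pat)}")
    pat = parse_hex_string("|0d 0a 59 4d 53 47|")
    print("search starting at offset 46:", first_match(PACKET, pat, 46))
```

In this model the unpiped form from the first message parses as 16 literal ASCII characters rather than 8 bytes, and the piped pattern is found at offset 45: 20 bytes of IP header, 20 bytes of TCP header and 5 bytes of payload before it.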