2.string
iptables -I FORWARD -m string --string "sex" --algo [bm|kmp] -j DROP
Can anyone tell me what bm|kmp stands for?
Below is the original text from the mailing list:
> > Hi,
> > while running this command
> > # iptables -t nat -I PREROUTING -p tcp -s 192.168.2.20
> > -m string
> > --hex-string '0d0a0d0a594d5347' -j REJECT
> >
> > Not able to get the different options for '--algo' parameter .
> > Kernel 2.6.14 iptables v1.3.4 thanks - Jasbir
>
> --algo [bm|kmp]
>
> bm: Boyer-Moore
> kmp: Knuth-Pratt-Morris
>
> Those are the algorithms implemented at the moment.
>
> BTW, you should do that in the raw table, not nat. Nobody should use the
> nat table for filtering purposes.
>
> --
> Pablo
>
>
>
>
> Thanks Pablo for the reply and the "string" module :) . I redefined my
> rule now and after some googling found the right syntax for using the
> "--hex-string"
> # iptables -t raw -A PREROUTING -s $source_ip -m string --algo bm
> --hex-string "|0d 0a 59 4d 53 47|" -j DROP
> What's the initial position/counter for the "--from" parameter 0 or 1
> and does it start from the IP header ?
Yes, the IP header. Use --from 0 for the initial position.
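
To make the thread concrete, here is an added example (not from the blog post or the mailing list, and not iptables code) that decodes a `--hex-string` value and finds where it matches, counting offsets from the first byte of the IP header as the reply says. It is a simplified model: it assumes text outside `|...|` is taken literally, ignores backslash escapes, and uses a constructed packet with made-up addresses and ports.

```python
import struct

def parse_hex_string(spec: str) -> bytes:
    """Simplified model of --hex-string: |...| sections are hex, the rest is literal."""
    out, in_hex, hexbuf = bytearray(), False, ""
    for ch in spec:
        if ch == "|":
            out += bytes.fromhex(hexbuf)      # ValueError on bad or odd-length hex
            hexbuf, in_hex = "", not in_hex
        elif in_hex:
            hexbuf += "" if ch.isspace() else ch
        else:
            out += ch.encode("latin-1")
    if in_hex:
        raise ValueError("unterminated |...| section")
    return bytes(out)

def kmp_find(data: bytes, pat: bytes, start: int = 0) -> int:
    """Knuth-Morris-Pratt: offset of the first match beginning at or after start, else -1."""
    if not pat:
        raise ValueError("empty pattern")
    fail, k = [0] * len(pat), 0
    for i in range(1, len(pat)):              # failure table: longest proper prefix-suffix
        while k and pat[i] != pat[k]:
            k = fail[k - 1]
        k += pat[i] == pat[k]
        fail[i] = k
    k = 0
    for i in range(start, len(data)):         # each data byte is read exactly once
        while k and data[i] != pat[k]:
            k = fail[k - 1]
        k += data[i] == pat[k]
        if k == len(pat):
            return i - k + 1
    return -1

def sample_packet(payload: bytes) -> bytes:
    """Constructed IPv4+TCP packet: 20-byte headers, no options, checksums left at 0."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     bytes([192, 168, 2, 20]), bytes([192, 0, 2, 1]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 5050, 0, 0, 0x50, 0x18, 8192, 0, 0)
    return ip + tcp + payload

def match_offset(packet: bytes, spec: str, from_: int = 0) -> int:
    """Offset of the pattern counted from the first IP header byte (--from 0), or -1."""
    return kmp_find(packet, parse_hex_string(spec), from_)

PACKET = sample_packet(b"hello\r\nYMSG\x00\x10")   # constructed payload
print(match_offset(PACKET, "|0d 0a 59 4d 53 47|"), match_offset(PACKET, "0d0a594d5347"))
```

The match lands at offset 45 because the 40 bytes of IP and TCP header are counted before the payload; the same digits without the pipes are searched as 12 ASCII characters in this model and do not match.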