Question on IPTables

From: Pyuesh Daya (pyueshd@na.co.za)
Date: 06/18/02

• Previous message: Vijaya Kumar.S: "Re: NIS+"
• Next in thread: Duane Dunston: "Re: Question on IPTables"
• Reply: Duane Dunston: "Re: Question on IPTables"
• Reply: Muhammad Faisal Rauf Danka: "Re: Question on IPTables"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 18 Jun 2002 17:38:39 +0200
From: Pyuesh Daya <pyueshd@na.co.za>
To: security-discuss@linuxsecurity.com

Hi Guys

Has anybody tried to --string command to match a header string and deny the packet. For example :

$IPTABLES -t filter -I FORWARD -i eth0 -p tcp --dport 80 -m string --string="cmd.exe" -j LOG --log-level $LOGLEVEL --log-prefix "String Header Match"

How would I actually check if this works.

-- 
Regards
Pyuesh Daya
Tel : (011) 719 0384
Fax : (011) 719 0444
------------------------------------------------------------------------
     To unsubscribe email security-discuss-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.

---

• Previous message: Vijaya Kumar.S: "Re: NIS+"
• Next in thread: Duane Dunston: "Re: Question on IPTables"
• Reply: Duane Dunston: "Re: Question on IPTables"
• Reply: Muhammad Faisal Rauf Danka: "Re: Question on IPTables"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > linuxsecurity  > 2002-06