Question on IPTables

From: Pyuesh Daya (
Date: 06/18/02

Date: Tue, 18 Jun 2002 17:38:39 +0200
From: Pyuesh Daya <>

Hi Guys

Has anybody tried to --string command to match a header string and deny the packet. For example :

$IPTABLES -t filter -I FORWARD -i eth0 -p tcp --dport 80 -m string --string="cmd.exe" -j LOG --log-level $LOGLEVEL --log-prefix "String Header Match"

How would I actually check if this works.

Pyuesh Daya
Tel : (011) 719 0384
Fax : (011) 719 0444
     To unsubscribe email
         with "unsubscribe" in the subject of the message.