From: "George Vieira" <georgev@citadelcomputer.com.au>
To: cc <cc@belfordhk.com>, netfilter@lists.netfilter.org
Subject: RE: filtering by packet contents?
Date: Wed, 16 Jul 2003 15:51:28 +1000 [thread overview]
Message-ID: <09B04A55822EFF4DA48D2E0BB2941D4A15BF26@wardrive.citadelcomputer.com.au> (raw)
You can you use the p-o-m patch for the string module "-m string --string pattern"
this works and can be used for some funky stuff too like redirecting 1 virtual host on a server to another server which is very handy when a particular virtual host goes down...
Thanks,
____________________________________________
George Vieira
Systems Manager
georgev@citadelcomputer.com.au
Citadel Computer Systems Pty Ltd
http://www.citadelcomputer.com.au
-----Original Message-----
From: cc [mailto:cc@belfordhk.com]
Sent: Wednesday, July 16, 2003 2:47 PM
To: netfilter@lists.netfilter.org
Subject: filtering by packet contents?
Hi,
I don't know if I'm getting confused, so if
someone can clarify whether I'm using the
wrong tool for the problem; but basically,
I have a webserver behind a firewall
(iptables 1.2.8) and the web access
packets are filtering in properly.
Is it possible to set iptables to
drop any packets depending on
the content? The thing that
comes to mind is this CodeRed/
Nimda crap that comes in. While
it doesn't affect my webserver
at all, I just don't like it
clogging up the dang log.
At this point of writing, I'm tending
towards the answer of "No, iptables
is not the right tool, nor can it
do that." Is this correct?
Thanks for any clarification in
this matter.
Edmund
next reply other threads:[~2003-07-16 5:51 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-07-16 5:51 George Vieira [this message]
2003-07-16 6:22 ` filtering by packet contents? Daniel Chemko
-- strict thread matches above, loose matches on Subject: below --
2003-07-16 6:43 George Vieira
2003-07-16 11:30 ` Waldecir Loureiro dos Santos Filho
2003-07-16 13:34 ` Waldecir Loureiro dos Santos Filho
2003-07-16 4:47 cc
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=09B04A55822EFF4DA48D2E0BB2941D4A15BF26@wardrive.citadelcomputer.com.au \
--to=georgev@citadelcomputer.com.au \
--cc=cc@belfordhk.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.