IPtables l7 string

Email lists > Netfilter iptables discussion and user questions

Thread: IPtables l7 string

Search this list only Search all lists
IPtables l7 string
	2007-04-11 23:39:53
Hello, anybody can help me with this: osiris:~# iptables -t filter -A FORWARD -m string --string "orkut" -j DROP iptables v1.3.4: STRING match: You must specify `--algo' Try `iptables -h' or 'iptables --help' for more information. --algo? What's? Best Regards Stephan -- ------------------------------------------------------------ --------- Stephan Higuti MSN: higutisamhotmail.com Email: higuti.samgmail.com ------------------------------------------------------------ ---------

Re: IPtables l7 string
Brazil	2007-04-12 07:41:11
On Thu, 12 Apr 2007 01:39:53 -0300 "Stephan Higuti" <higuti.samgmail.com> wrote: > Hello, anybody can help me with this: > > osiris:~# iptables -t filter -A FORWARD -m string --string "orkut" -j DROP > iptables v1.3.4: STRING match: You must specify `--algo' from iptables man page: --algo bm\|kmp Select the pattern matching strategy. (bm = Boyer-Moore, kmp = Knuth-Pratt-Morris) Ethy

Re: IPtables l7 string
Spain	2007-04-12 07:54:35
Stephan Higuti wrote: > Hello, anybody can help me with this: > > osiris:~# iptables -t filter -A FORWARD -m string --string "orkut" -j DROP > iptables v1.3.4: STRING match: You must specify `--algo' > Try `iptables -h' or 'iptables --help' for more information. > > --algo? > > What's? $ man iptables --algo bm\|kmp Select the pattern matching strategy. (bm = Boyer-Moore, kmp = Knuth-Pratt-Morris) -- The dawn of the fourth age of Linux firewalling is coming; a time of great struggle and heroic deeds -- J.Kadlecsik got inspired by J.Morris

Re: IPtables l7 string
	2007-04-12 11:12:48
> from iptables man page: > > --algo bm\|kmp > Select the pattern matching strategy. (bm = Boyer-Moore, > kmp = Knuth-Pratt-Morris) > > Ethy So, should i use --algo bm or --algo kmp right? Wich is better? -- ------------------------------------------------------------ --------- Stephan Higuti MSN: higutisamhotmail.com Email: higuti.samgmail.com ------------------------------------------------------------ ---------

Re: IPtables l7 string
Brazil	2007-04-12 14:29:48
On Thu, 12 Apr 2007 13:12:22 -0300 "Stephan Higuti" <higuti.samgmail.com> wrote: > > from iptables man page: > > > > --algo bm\|kmp > > Select the pattern matching strategy. (bm = Boyer-Moore, > > kmp = Knuth-Pratt-Morris) > > > > Ethy > > So, should i use --algo bm or --algo kmp right? > Wich is better? Depends on what you are triyng to achieve. Take some time to read the first lines from lib/ts_bm.c and lib/ts_kmp.c under kernel tree. The answer is there (I think!). Ethy

[1-5]

about | contact Other archives ( Real Estate discussion Medical topics )