I am trying to write rules to drop any packet, irrespective if it is outgoing, incoming or being forwarded, which has a specific sub string in the TCP or UDP payload.
我试图编写规则来丢弃任何数据包,无论它是传出,传入还是被转发,它在TCP或UDP有效载荷中都有一个特定的子字符串。
How am I suppose to do that?
我怎么想这样做?
1 个解决方案
#1
You'd need a kernel compiled with Netfilter "String match support" enabled.
您需要一个使用Netfilter“String match support”编译的内核。
Then you can
然后你可以
iptables -A INPUT -m string --algo bm --string "test" -j DROP
iptables -A OUTPUT -m string --algo bm --string "test" -j DROP
iptables -A FORWARD -m string --algo bm --string "test" -j DROP
Check the result wth
检查结果
iptables -L
#1
You'd need a kernel compiled with Netfilter "String match support" enabled.
您需要一个使用Netfilter“String match support”编译的内核。
Then you can
然后你可以
iptables -A INPUT -m string --algo bm --string "test" -j DROP
iptables -A OUTPUT -m string --algo bm --string "test" -j DROP
iptables -A FORWARD -m string --algo bm --string "test" -j DROP
Check the result wth
检查结果
iptables -L