How to block only MX query made to DNS server
Leonardo Rodrigues Magalhães
leolistas at solutti.com.br
Tue Nov 30 12:46:22 CET 2004
Don't forget that this rule will block ANY type of resolution for
domains that contain MX in their names, just like 'flashmx.com' for
example.
I think you should get some tcpdumps and get the exact hex dump of
the MX query type and use it with --string --hex-string instead of using simple
string rules.
Sincerely,
Leonardo Rodrigues
----- Original Message -----
From: <hclfm at pricol.co.in>
To: "pravin rane" <pgr_80 at yahoo.com>
Cc: <netfilter at lists.netfilter.org>
Sent: Tuesday, November 30, 2004 7:36 AM
Subject: RE: How to block only MX query made to DNS server
>
>>>I tried to run following command
>
>>># iptables -t filter -A INPUT -p udp --dport 53 -m string --string "MX" -j DROP
>
>>>But I am getting Error like
>
>>>iptables v1.2.8: Couldn't load match
>>>`string':/lib/iptables/libipt_string.so: cannot open
>>>shared object file: No such file or directory
>
>>>:-( Do I need to upgrade my iptables RPM
>
> Yes. Or rebuild kernel with strings modules support and compile iptables
> userspace again if necessary. Sorry for top posting in my previous reply.
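
The difference between matching the letters "MX" and matching the MX query type, as an added example that is not part of the original thread: it builds DNS queries in RFC 1035 wire format and compares a byte-exact substring test with reading the QTYPE field of the question. The function names and the sample domains are constructed for illustration.

```python
import struct

QTYPE_A, QTYPE_MX = 1, 15  # RFC 1035 type codes

def build_query(name, qtype, txid=0x1234):
    """Build a minimal DNS query: 12-byte header plus one question (class IN)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def naive_string_match(payload):
    """Byte-exact substring test, like a plain string rule for "MX"."""
    return b"MX" in payload

def question_qtype(payload):
    """Return the QTYPE of the first question, or None if the packet is malformed."""
    if len(payload) < 12 or struct.unpack("!H", payload[4:6])[0] < 1:
        return None
    pos = 12
    while pos < len(payload):
        length = payload[pos]
        if length & 0xC0:          # compression pointer: not expected in a query name
            return None
        pos += 1 + length
        if length == 0:            # root label ends QNAME
            if pos + 4 > len(payload):
                return None
            return struct.unpack("!H", payload[pos:pos + 2])[0]
    return None

def classify(payload):
    """Return (naive string rule fires, packet really is an MX query)."""
    return naive_string_match(payload), question_qtype(payload) == QTYPE_MX

if __name__ == "__main__":
    # Constructed sample queries, not captured traffic.
    samples = {
        "A  FlashMX.example": build_query("FlashMX.example", QTYPE_A),
        "MX example.com": build_query("example.com", QTYPE_MX),
    }
    for label, pkt in samples.items():
        print(label, classify(pkt), pkt[12:].hex(" "))
```

In an MX query the type travels as the 16-bit value 15 after the name, so the letters "MX" need not appear in the packet at all. For class IN the question ends in the bytes 00 00 0f 00 01, which is the kind of pattern a hex dump of real traffic would show.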