[Bug 497] New: ipt_string doesn't ork for me
bugzilla-daemon at bugzilla.netfilter.org
bugzilla-daemon at bugzilla.netfilter.org
Wed Aug 2 13:24:52 CEST 2006
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=497
Summary: ipt_string doesn't ork for me
Product: iptables
Version: 1.3.5
Platform: All
OS/Version: Fedora
Status: NEW
Severity: normal
Priority: P2
Component: iptables
AssignedTo: laforge at netfilter.org
ReportedBy: maxim.britov at gmail.com
I trying to use string. iptables 1.3.5 / kernel 2.6.18-rc2-ck1
iptables -A INPUT -p tcp -m string --algo kmp --string 112233 -j LOG
iptables -A INPUT -p tcp -m string --algo kmp --string ! 112233 -j LOG
iptables -A INPUT -p tcp -m string --algo kmp --hex-string 112233 -j LOG
I get works 1st rule only.
Second rule never matches any packets. IMHO it should match any packet without
my string. I'm right?
3st rule iptables-save show as:
-A INPUT -p tcp -m string --string "112233" --algo kmp --to 65535 -j LOG
I think it transform my --hex-string into --string here. May I misunderstood
some here?
And "--algo bm --string 112233" doesn't want match 112233, but match x112233
where x=any byte
Is it bug or it is bm algorithm feature?
--
Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the netfilter-buglog
mailing list