[Bug 737] New: string matching can not be negated
bugzilla-daemon at bugzilla.netfilter.org
bugzilla-daemon at bugzilla.netfilter.org
Sun Aug 14 06:33:40 CEST 2011
http://bugzilla.netfilter.org/show_bug.cgi?id=737
Summary: string matching can not be negated
Product: netfilter/iptables
Version: linux-2.6.x
Platform: i386
OS/Version: Debian GNU/Linux
Status: NEW
Severity: trivial
Priority: P3
Component: unknown
AssignedTo: netfilter-buglog at lists.netfilter.org
ReportedBy: danja at k0a1a.net
Estimated Hours: 0.0
hi there,
a simple rule:
iptables -t mangle -A PREROUTING -i eth2 -p tcp --dport 80 -m string --to 70 !
--string 'GET /' --algo bm -j LOG
produces no results, whether the same but not negated rule does:
iptables -t mangle -A PREROUTING -i eth2 -p tcp --dport 80 -m string --to 70 !
--string 'GET /' --algo bm -j LOG
iptables: Version: 1.4.8-3
linux: 2.6.38-bpo.2-686 #1 SMP Tue Jun 14 11:43:18 UTC 2011 i686 GNU/Linux
greetings!
d
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.
More information about the netfilter-buglog
mailing list