Re: Layer 7 application blocking via tc/iptables?

Linux Advanced Routing and Traffic Control


On Sat, Aug 30, 2003 at 08:28:38AM +1200, Steve Wright wrote:
> > After I got the byte patterns and such, how might I go about
> > blocking that? I can't very well set the rate to 0k or anything like
> > that, so I've been scratching my head on how to actually _block_
> > something with iproute2. Hmm, if I pull together enough info, maybe I'll
> > throw together a HOWTO or something. 
> 
> I don't know enough to spoonfeed you on this.
> 
> Google will help.  keywords ;
> 
> u32 examples iptables block match pattern

If you change some keywords and use

layer 7 filtering iptables

after some clicking, you'll get to http://l7-filter.sourceforge.net/
which is somewhat less ugly than trying to parse packets using the u32
etc. filters.

Haven't tried it yet though, but this has far more potential.

VrGr,
-- 
Jasper Spaans               http://jsp.vs19.net/contact/

<==       You ask questions, we make insults...        ==>
<==              http://www.insultant.nl/              ==>
