On Sun, Jun 11, 2023 at 02:07:57PM +0200, Jan Engelhardt wrote: > On Sunday 2023-06-11 13:34, Jeremy Sowden wrote: > > > iptables \-p udp \-\-dport 53 \-m string \-\-algo bm \-\-from 40 \-\-to 57 \-\-hex\-string '|03|www|09|netfilter|03|org|00|' > >+.P > >+NB since Boyer-Moore (BM) performs searches for matches from right to left and > >+the kernel may store a packet in multiple discontiguous blocks, it's possible > >+that a match could be spread over multiple blocks, in which case this algorithm > >+won't find it. > > It was better when it just said "Note" instead of NB (notebook, nota bene) Applied after s/NB/Note:/, thanks everyone!
