Incorrect. You specify the module you want to use with a '-m string' and then give it's parameter with a '--string "search this"' Thanks, ____________________________________________ George Vieira Systems Manager georgev@xxxxxxxxxxxxxxxxxxxxxx Citadel Computer Systems Pty Ltd http://www.citadelcomputer.com.au -----Original Message----- From: Michael Kearey [mailto:mutk@xxxxxxxxxxxxxx] Sent: Wednesday, June 11, 2003 11:17 AM To: IPtables Users Subject: Re: string is not working, any help? Esteban wrote: <snip> > root@xxxxxx:~# iptables -t mangle -A PREROUTING -p tcp -m --string > "pepee" -j DROP > iptables v1.2.7a: Couldn't load match > `--string':/lib/iptables/libipt_--string.so: The clue is above. You don't have 'so' called libipt_--string, it's called libipt_string.so >cannot open shared object > file: No such file or directory > > Try `iptables -h' or 'iptables --help' for more information. > > why is not working --string match?? > im using pom version patch-o-matic-20030107 under 2.4.20 kernel. The correct syntax is : iptables -t mangle -A PREROUTING -p tcp -m string "pepee" -j DROP Cheers, Michael
