After adding string module to my kernel and compiled the kernel source. I can't find the string module. Did find this message on the netfilter homepage. -- string [string.patch] [string.patch.config.in] [string.patch.configure.help] [string.patch.help] [string.patch.makefile] Author: Emmanuel Roger <winfield@xxxxxxxxxxxx> Status: Working, not with kernel 2.4.9 This patch adds CONFIG_IP_NF_MATCH_STRING which allows you to match a string in a whole packet. THIS PATCH DOES NOT WORK WITH KERNEL 2.4.9 !!! --- Does this men that it won't work with NEWER kernels than 2.4.9? If so, is there a replacement. I would like to add a rule like this one. iptables -A INPUT -p tcp --dport 80 \ -m string --string "cmd.exe" -j DROP But error shows iptables v1.2.7a: Couldn't load match `string':/lib/iptables/libipt_string.so: cannot open shared object file: No such file or directory /Klintan
