U32 trouble

Hi,

I've been playing around with the u32 extension, and I have come across a problem. I was trying to block an http get request, for example GET /search*/ where search is a wild card.

Now if I did: iptables -A OUTPUT -m u32 --u32 "0>>22&0x3C@12>>26&0x3C@ 0=0x47455420 && 0>>22&0x3C@12>>26&0x3C@ 4=0x2F736561 && 0>>22&0x3C@12>>26&0x3C@ 8&0xFFFFFF00=0x72636800 && 0>>22&0x3C@12>>26&0x3C@ 10&0xFFFF=0x2F20" -j REJECT


I get this error: iptables v1.2.9: u32: at char 106 error reading number

which points at the 8 in this part: "8&0xFFFFFF00=0x72636800"

Now from what I have read, I see no reason this shouldn't work. I tried a similar looking line in William Stearns' tutorial: iptables -m u32 --u32 "12&0xFFFFFF00=0xC0A80F00"

Which gives the same error: iptables v1.2.9: u32: at char 3 error reading number.

What is the problem here? Is it me, or my version of the u32 module? I am running iptables2.9, and used POM 20031219 to patch the kernel with the u32 module.

Thanks for your help.
-Shannon
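
Added example, not part of the original post: a small Python model of u32 match semantics (4-byte big-endian reads, with `@` advancing the base offset by the computed value), run over constructed packets to show which payloads the expression in the post would select. It does not reproduce the iptables parser or the error reported above; `read_u32`, `eval_location`, `u32_match` and `make_packet` are names chosen here.

```python
import re
import struct

def read_u32(pkt, off):
    """Big-endian 32-bit read; u32 always fetches 4 bytes at the offset."""
    if off < 0 or off + 4 > len(pkt):
        raise IndexError(off)
    return struct.unpack_from("!I", pkt, off)[0]

def eval_location(loc, pkt):
    """Evaluate 'start (op number)*' where op is &, <<, >> or @."""
    toks = re.findall(r"<<|>>|[&@]|0[xX][0-9a-fA-F]+|\d+", loc)
    base = 0
    val = read_u32(pkt, int(toks[0], 0))
    for op, num in zip(toks[1::2], toks[2::2]):
        n = int(num, 0)
        if op == "&":
            val &= n
        elif op == "<<":
            val = (val << n) & 0xFFFFFFFF
        elif op == ">>":
            val >>= n
        else:  # "@": move the base forward by val, then read at base + n
            base += val
            val = read_u32(pkt, base + n)
    return val

def u32_match(expr, pkt):
    """True when every '&&'-joined test holds; out-of-range reads never match."""
    try:
        for test in expr.split("&&"):
            loc, wanted = test.split("=")
            val = eval_location(loc, pkt)
            ranges = [r.split(":") for r in wanted.split(",")]
            if not any(int(r[0], 0) <= val <= int(r[-1], 0) for r in ranges):
                return False
        return True
    except IndexError:
        return False

def make_packet(payload):
    """Constructed sample: 20-byte IPv4 header + 20-byte TCP header + payload."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     b"\xc0\x00\x02\x01", b"\xc0\x00\x02\x02")
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, 0x50, 0x18, 8192, 0, 0)
    return ip + tcp + payload

RULE = ("0>>22&0x3C@12>>26&0x3C@ 0=0x47455420 && 0>>22&0x3C@12>>26&0x3C@ 4=0x2F736561 && "
        "0>>22&0x3C@12>>26&0x3C@ 8&0xFFFFFF00=0x72636800 && "
        "0>>22&0x3C@12>>26&0x3C@ 10&0xFFFF=0x2F20")  # expression from the post, unchanged
```

Under this model, a constructed payload starting `GET /search1/ ` matches while `GET /search/ ` does not: payload byte 11 is left unchecked and bytes 12 and 13 must be `/ `, so exactly one arbitrary byte is allowed after `/search`.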


