I trying to use string. iptables 1.3.5 / kernel 2.6.18-rc2-ck1 iptables -A INPUT -p tcp -m string --algo kmp --string 112233 -j LOG iptables -A INPUT -p tcp -m string --algo kmp --string ! 112233 -j LOG iptables -A INPUT -p tcp -m string --algo kmp --hex-string 112233 -j LOG I got worked first rule only. Second rule never matches any packets. IMHO it should match any packet without my string. I'm right? Thirst rule iptables-save show as: -A INPUT -p tcp -m string --string "112233" --algo kmp --to 65535 -j LOG I think it transform my --hex-string into --string here. May I misunderstood some here? -- Maxim Britov GnuPG KeyID 0x4580A6D66F3DB1FB xmpp:maxim@xxxxxxxx icq 198171258 Fingerprint: 4059 B5C5 8985 5A47 8F5A 8623 4580 A6D6 6F3D B1FB GnuPG-ru Team (http://lists.gnupg.org/mailman/listinfo/gnupg-ru xmpp:gnupg-ru@xxxxxxxxxxxxxxxxxxxx)
Attachment:
signature.asc
Description: PGP signature
