Gáspár Lajos wrote:
Michal Martinek wrote:
Gáspár Lajos wrote:
Michal Martinek wrote:
Hello all,
I am quite a newbie to the netfilter world, so maybe my approach is
naive. I would like to block communication coming from/to some ports
according to the content of packets. Unfortunately these ports are
not static, so a port-specific netfilter rule cannot be used. So my
question is:
Do you know the STRING module ?
I'm afraid not. Can you give me some explanation (or link)?
Well... :) man iptables...
iptables -A FORWARD -j DROP -p tcp -m string --string 'Some string' --algo kmp
Thanks, I was too fast to answer without looking into man pages:-). But
this module would just save me some work with analyzing packets. The
problem is that I would like to detect a video stream in which I can
recognize only some "key packets". The rest is (for me) unrecognizable
and I only know that they are coming from/to the same port.
Is it possible to obtain some address info (source/destination
address and ports) from the packet queued from netfilter?
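
Added example, not part of the original messages: one way to recover the source/destination addresses and ports from a queued packet, and to recognise later packets of the same connection once a "key packet" has been seen. It assumes the payload handed to the userspace queue handler begins at the IPv4 header; `struct flow`, `parse_flow`, `same_flow` and the sample bytes are hypothetical names and constructed data, and only IPv4 TCP/UDP is handled.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Addressing info recovered from one queued packet (hypothetical struct). */
struct flow {
    uint32_t saddr, daddr;   /* IPv4 addresses, host byte order */
    uint16_t sport, dport;   /* TCP/UDP ports, host byte order */
    uint8_t  proto;          /* 6 = TCP, 17 = UDP */
};

/* Constructed sample: IPv4 header plus the first 4 bytes of a TCP header,
 * 192.0.2.10:40000 -> 198.51.100.7:5004 (documentation addresses). */
static const uint8_t SAMPLE[24] = {
    0x45, 0x00, 0x00, 0x28, 0x00, 0x00, 0x40, 0x00, 0x40, 0x06, 0x00, 0x00,
    0xc0, 0x00, 0x02, 0x0a, 0xc6, 0x33, 0x64, 0x07, 0x9c, 0x40, 0x13, 0x8c };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) { return ((uint32_t)rd16(p) << 16) | rd16(p + 2); }

/* Parse a payload that starts at the IPv4 header. Returns 0 on success,
 * -1 if it is not IPv4 TCP/UDP, is truncated, or is a non-first fragment
 * (later fragments carry no port fields). */
int parse_flow(const uint8_t *pkt, size_t len, struct flow *out)
{
    if (len < 20 || (pkt[0] >> 4) != 4) return -1;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;   /* header length incl. options */
    if (ihl < 20 || len < ihl + 4) return -1;
    if (rd16(pkt + 6) & 0x1fff) return -1;       /* fragment offset != 0 */
    if (pkt[9] != 6 && pkt[9] != 17) return -1;
    out->proto = pkt[9];
    out->saddr = rd32(pkt + 12); out->daddr = rd32(pkt + 16);
    out->sport = rd16(pkt + ihl); out->dport = rd16(pkt + ihl + 2);
    return 0;
}

/* True if both packets belong to the same connection, in either direction. */
int same_flow(const struct flow *a, const struct flow *b)
{
    return a->proto == b->proto &&
        ((a->saddr == b->saddr && a->daddr == b->daddr && a->sport == b->sport && a->dport == b->dport) ||
         (a->saddr == b->daddr && a->daddr == b->saddr && a->sport == b->dport && a->dport == b->sport));
}

int main(void) {
    struct flow f;
    if (parse_flow(SAMPLE, sizeof SAMPLE, &f) == 0)
        printf("%08x:%u -> %08x:%u proto %u\n", (unsigned)f.saddr, f.sport, (unsigned)f.daddr, f.dport, f.proto);
    return 0;
}
```

A handler would store the `struct flow` of each recognised key packet and issue a drop verdict for any later packet for which `same_flow` matches a stored entry.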