Hi all, let's say someone is downloading a website using http/tcp/ip. This website is very large, i.e., there will be many IP packets in this TCP stream. I know that there is a certain phrase at the top of the website, let's say "foobar", which will therefore be part of the first IP packet of this TCP stream. I know that I can use the string match mechanism to match this first IP packet and drop it. However, is it also possibe to drop _all_ IP packets belonging to this TCP stream (i.e., also the reminder of the website) _if_ the first packet includes the phrase "foobar"? So what I want to say in a rule is: If the first (or simply "a") IP packet of a TCP stream contains a given phrase, then please filter (match) all IP packets which belong to this TCP stream. Can this be done using iptables / netfilter? Thanks, Michael -- icq: 71772353 | skype: daneel1409 | msn: mike@xxxxxxxxxxxx
