On Tue, 2012-09-18 at 07:32 +0200, Jan Engelhardt wrote: > On Tuesday 2012-09-18 03:54, Julien Vehent wrote: > > > On 2012-09-17 18:30, Usuário do Sistema wrote: > >> Hello everyone, > >> > >> it's possible to drop traffic to facebook with iptables Layer7 ? I > >> have done some test with Squid but I found some difficult because I'm > >> using Transparent Proxy so maybe it been more easy to drop with > >> iptables layer7. > >> > >> any tips is welcome......as well as some how to.... > >> > >> > > > > iptables -t filter -I FORWARD -p tcp --dport 80 -m string --string "host: > > facebook.com" --icase --algo bm -j DROP > > > > Of course, this won't work with HTTPS connections. > > And easily kills the connection whenever there's "host: facebook.com" in > the payload. Like... this mail, when read through a web archive. <snip> Isn't that where one would specify the offsets - not to mention more efficient parsing? -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
