Filtering specific bytes from packet layer 7 payload

Hi fellow net filter'ers,

I need to filter packets with specific bytes in the layer 7 payload. 
I know the offsets of these bytes in relation to the beginning of the L7 section of the packet.
However, I can't figure out how to configure this in nft:

`man nft` section PAYLOAD EXPRESSIONS says: 
Payload expressions refer to data from the packet's payload.

But later on 'Supported payload protocol bases' only mentions filtering is supported in ll, nh & th:
       ┌─────┬─────────────────────────────────────────────┐
       │Base │ Description                                 │
       ├─────┼─────────────────────────────────────────────┤
       │ll   │ Link layer, for example the Ethernet header │
       ├─────┼─────────────────────────────────────────────┤
       │nh   │ Network header, for example IPv4 or IPv6    │
       ├─────┼─────────────────────────────────────────────┤
       │th   │ Transport Header, for example TCP           │
       └─────┴─────────────────────────────────────────────┘

It looks to me like L7 filtering is not supported. Am I wrong?

Thanks.


