Support for String Match Blocking in NFTables

Hello,

We recently migrated our servers from Red Hat to Ubuntu-based systems.
We used to have an iptables rule that blocked packets matching a
specific application file name; below is the rule we had deployed.

-A INPUT -p udp -m udp --dport 514 -m string --string "someapplication.exe" --algo bm -j DROP

In nftables, I read in the blogs that string-based blocking is not
possible. In the man page on Ubuntu, I see a note: "The string type
is used for character strings. A string begins with an
alphabetic character (a-zA-Z) followed by zero or more alphanumeric
characters or the characters /, -, _ and .. In addition, anything
enclosed in double quotes (") is recognized as a string."

Can you please confirm whether string-based blocking is supported in nftables?

Respectfully,

Eli Yam
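For anyone evaluating a replacement for the rule quoted in this message, the following is an added example, not code from the original post or from the netfilter project. It models what the old iptables rule actually did: for UDP packets to destination port 514 it runs a Boyer-Moore style search (the Horspool variant is used here as a stand-in for the kernel's bm textsearch) for the exact, case-sensitive byte sequence "someapplication.exe" over the whole packet, which is what the extension's default --from/--to range covers, and returns DROP on a hit. The packet builder, the sample syslog lines and the addresses are constructed for the example; a candidate nftables rule set can be checked against the same inputs to see whether it reproduces these verdicts.

```python
"""Model of the iptables rule
  -A INPUT -p udp --dport 514 -m string --string "someapplication.exe" --algo bm -j DROP
as a pure-Python packet classifier (added example; assumptions noted inline)."""
import struct

NEEDLE = b"someapplication.exe"   # the --string argument, matched byte-for-byte (no --icase)
SYSLOG_PORT = 514                  # the --dport argument


def build_skip_table(pattern: bytes) -> dict:
    """Bad-character shift table for Boyer-Moore-Horspool."""
    m = len(pattern)
    return {ch: m - 1 - i for i, ch in enumerate(pattern[:-1])}


def bm_search(haystack: bytes, pattern: bytes) -> int:
    """Boyer-Moore-Horspool search; returns the offset of the first match or -1.
    The kernel's textsearch 'bm' is the full Boyer-Moore; Horspool is a simplified
    variant with the same match semantics (assumption: equivalence of results only)."""
    m, n = len(pattern), len(haystack)
    if m == 0:
        return 0
    if n < m:
        return -1
    skip = build_skip_table(pattern)
    i = 0
    while i <= n - m:
        j = m - 1
        while j >= 0 and haystack[i + j] == pattern[j]:
            j -= 1
        if j < 0:
            return i
        # Shift by the last byte of the current window (default: whole pattern length)
        i += skip.get(haystack[i + m - 1], m)
    return -1


def make_udp_packet(dport: int, payload: bytes, proto: int = 17) -> bytes:
    """Build a minimal IPv4 packet with a UDP header (constructed test input;
    checksums are left at zero because the classifier never looks at them)."""
    udp_len = 8 + len(payload)
    ip_hdr = struct.pack("!BBHHHBBH4s4s",
                         0x45, 0, 20 + udp_len, 0, 0, 64, proto, 0,
                         bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    udp_hdr = struct.pack("!HHHH", 40000, dport, udp_len, 0)
    return ip_hdr + udp_hdr + payload


def verdict(packet: bytes) -> str:
    """Return 'DROP' if the packet would have hit the old rule, else 'ACCEPT'."""
    if len(packet) < 20 or (packet[0] >> 4) != 4:
        return "ACCEPT"                      # not IPv4: -p udp cannot match
    ihl = (packet[0] & 0x0F) * 4
    if packet[9] != 17 or len(packet) < ihl + 8:
        return "ACCEPT"                      # not UDP, or truncated header
    dport = struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]
    if dport != SYSLOG_PORT:
        return "ACCEPT"
    # --from 0 --to <packet size> is the default, so the search covers headers too
    if bm_search(packet, NEEDLE) != -1:
        return "DROP"
    return "ACCEPT"


# Constructed sample traffic: syslog-style lines carried over UDP
SAMPLES = [
    ("hit, port 514",        make_udp_packet(514,  b"<14>Jan  1 host someapplication.exe started")),
    ("benign, port 514",     make_udp_packet(514,  b"<14>Jan  1 host sshd[1]: Accepted publickey")),
    ("hit text, other port", make_udp_packet(5514, b"<14>Jan  1 host someapplication.exe started")),
    ("case differs",         make_udp_packet(514,  b"<14>Jan  1 host SomeApplication.exe started")),
    ("hit text, TCP",        make_udp_packet(514,  b"someapplication.exe", proto=6)),
]

if __name__ == "__main__":
    for label, pkt in SAMPLES:
        print(f"{label:22s} -> {verdict(pkt)}")
```

Running the script shows only the first sample dropped: the match is case-sensitive, it is gated on protocol and port before the search runs, and it fires wherever in the packet the string appears, which is the behaviour any replacement has to reproduce (or deliberately change).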


