Mailing List Archive: iptables: User

multiple match string don't work



bond_a_v at inbox

Jul 27, 2007, 12:31 AM

Post #1 of 2 (946 views)
multiple match string don't work

Hello all !

I'm trying to use fwsnort on CentOS 5.0. My kernel is 2.6.18-8 and iptables is v1.3.5. I created several Netfilter rules with fwsnort, but almost all of them have several string match options, such as:

iptables -A INPUT -d 192.168.52.10 -m string --string "GET" --algo bm -m string --string "passwd" -algo bm -j DROP

but all these commands fail to execute with the following error:

iptables v1.3.5: Unknown arg passwd'

when I manually run this command only with the first match condition:

iptables -A INPUT -d 192.168.52.10 -m string --string "GET" --algo bm -j DROP

it works, but not for two or more string match conditions. I don't know what to do. In the man page of iptables I see that I can specify several match strings. Why is it not working for me?

Regards, Alex


fd4 at itsec4u

Jul 31, 2007, 11:41 AM

Post #2 of 2 (894 views)
Re: multiple match string don't work

Looks to me like my conntrack_delete problem: no nice example in the man page.
Order and arrangement are important.

> iptables -A INPUT -d 192.168.52.10 -m string --string "GET" --algo bm -m string --string "passwd" -algo bm -j DROP
>

try this:
iptables -A INPUT -i eth0 -p tcp -d 192.168.52.10 -m string --string "PROPFIND" --algo bm -m string --string "passwd" --algo bm -j DROP
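A small lint for fwsnort-generated rules that chain several `-m string` matches, added here as an example (it is not code from the thread or from fwsnort). It rejects the single-dash `-algo` spelling, which is the visible difference between the failing rule and the working one, and requires one `--string` and one `--algo` per `-m string` block; the function name `check_string_rule` and the rule constants are my own assumptions, the constants being copied from the two posts above.

```shell
#!/bin/sh
# Added example, not from the thread: lint iptables rules that chain several
# "-m string" matches. The function name check_string_rule is assumed.

# Constructed from the thread: the rule that failed and the corrected rule.
BAD_RULE='iptables -A INPUT -d 192.168.52.10 -m string --string "GET" --algo bm -m string --string "passwd" -algo bm -j DROP'
GOOD_RULE='iptables -A INPUT -i eth0 -p tcp -d 192.168.52.10 -m string --string "PROPFIND" --algo bm -m string --string "passwd" --algo bm -j DROP'

# Returns 0 when the rule's string matches are well formed, 1 otherwise.
check_string_rule() {
    rule="$1"
    # "-algo" with one dash is not the long option "--algo"; reject it outright.
    case " $rule " in
        *" -algo "*) return 1 ;;
    esac
    matches=0; strings=0; algos=0; prev=""
    for word in $rule; do
        # Count each "-m string" block and the options that belong to it.
        if [ "$prev" = "-m" ] && [ "$word" = "string" ]; then
            matches=$((matches + 1))
        fi
        case "$word" in
            --string) strings=$((strings + 1)) ;;
            --algo)   algos=$((algos + 1)) ;;
        esac
        prev="$word"
    done
    # Every "-m string" block must carry exactly one --string and one --algo.
    [ "$matches" -gt 0 ] && [ "$strings" -eq "$matches" ] && [ "$algos" -eq "$matches" ]
}

# Stand-alone demonstration: report each rule as accepted or rejected.
for r in "$BAD_RULE" "$GOOD_RULE"; do
    if check_string_rule "$r"; then
        echo "accepted: $r"
    else
        echo "rejected: $r"
    fi
done
```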
