I am trying to write rules to drop any packet, irrespective of whether it is outgoing, incoming or being forwarded, which has a specific substring in the TCP or UDP payload.
How am I supposed to do that?
You'd need a kernel compiled with Netfilter "String match support" enabled.
Then you can
iptables -A INPUT -m string --algo bm --string "test" -j DROP
iptables -A OUTPUT -m string --algo bm --string "test" -j DROP
iptables -A FORWARD -m string --algo bm --string "test" -j DROP
Check the result with
iptables -L
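As an added example that is not part of the answer above: a small POSIX shell script that generates the same string-match DROP rules for all three chains, restricted with -p to the TCP and UDP packets the question asks about and made case-insensitive with --icase, prints them for review, and only applies them when DRY_RUN=0. The function names, the NEEDLE/DRY_RUN variables and the default pattern "test" are this example's own assumptions; applying the rules needs root and a kernel with the xt_string module (the "String match support" option mentioned above).

```shell
#!/bin/sh
# Added example, not from the original answer. Builds iptables string-match
# DROP rules for TCP and UDP payloads on INPUT, OUTPUT and FORWARD, prints
# them, and applies them only when DRY_RUN=0 (requires root and xt_string).
# NEEDLE is the substring to drop on; it defaults to "test" as in the answer.

NEEDLE="${NEEDLE:-test}"
DRY_RUN="${DRY_RUN:-1}"

# Emit one rule. -p limits the match to the protocol asked about (the bare
# rules in the answer also inspect ICMP and anything else); --icase makes the
# substring search case-insensitive; --algo bm (Boyer-Moore) is the usual
# choice for a single fixed pattern, kmp is the alternative.
string_drop_rule() {
    chain="$1"; proto="$2"; needle="$3"
    printf 'iptables -A %s -p %s -m string --algo bm --icase --string "%s" -j DROP\n' \
        "$chain" "$proto" "$needle"
}

# All six rules (3 chains x 2 protocols) for one needle, one per line.
build_rules() {
    needle="$1"
    for chain in INPUT OUTPUT FORWARD; do
        for proto in tcp udp; do
            string_drop_rule "$chain" "$proto" "$needle"
        done
    done
}

# Number of rules build_rules would install; a cheap sanity check.
count_rules() {
    build_rules "$1" | wc -l | tr -d ' '
}

# Show the rules (DRY_RUN=1, the default) or run them and confirm what landed.
apply_rules() {
    needle="$1"
    if [ "$DRY_RUN" = "1" ]; then
        build_rules "$needle"
    else
        build_rules "$needle" | sh -e
        # -v adds packet/byte counters, so you can see the rule actually firing.
        iptables -L -v -n | grep -i "STRING match"
    fi
}

apply_rules "$NEEDLE"
```

Two caveats worth keeping in mind when you rely on this: xt_string examines each packet on its own, with no TCP stream or IP fragment reassembly, so a pattern that straddles two segments is not seen, and a payload carried over TLS is not visible at all. It also scans the packet from offset 0 (--from/--to bound the range), so the default range includes the IP and transport headers, not just the payload. Treat it as a nuisance filter, not a security boundary.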