NoBIGTech Wiki Técnico

User Tools

Site Tools

Trace:
docu:csheet:net:iptables:block_packets_by_content

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
docu:csheet:net:iptables:block_packets_by_content [2021/02/02 11:03] – created admindocu:csheet:net:iptables:block_packets_by_content [2021/02/02 11:04] (current) admin
Line 4: Line 4:
 \\ \\
  
-In this example, we block the output to a syslog endpoint that contains "closed keepalive connection"+In this example, we **block the output to a syslog UDP endpoint** that contains "closed keepalive connection"
 <code bash> <code bash>
 iptables -I OUTPUT -p udp --dport 514 -m string --string "closed keepalive connection" --algo kmp -j DROP iptables -I OUTPUT -p udp --dport 514 -m string --string "closed keepalive connection" --algo kmp -j DROP
 </code> </code>
 +
 +Use **-m string --string STRING --algo kmp** the times you need to match multiple strings in the same packet.
docu/csheet/net/iptables/block_packets_by_content.1612263789.txt.gz · Last modified: 2021/02/02 11:03 by admin

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
GNU Free Documentation License 1.3 Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki