It is currently Mon, 27 Jun 2022 11:52:12 GMT



 
Author Message
 netfilter string match
Does anyone know how to get the string match going?
I downloaded netfilter 1.3.4 and compiled it but it ignores the
libipt_string module and doesnt compile it (I'm customizing a 2.6.13
kernel), libipt_string.c is there in the extensions directory.
I hunted through the stuff there and i cant see how to enable it. also,
scanning&reading for an hour at netfilter.org was fruitless. Therte must be
some file somewhere in the package that says essentially
"compile these extensions : x,y,z etc" but I cant find it
Anyone have experience with this?
Thanks
Eric


 Fri, 25 Apr 2008 06:49:29 GMT   
 netfilter string match

You need to add the patch-o-matic NG stuff and then build iptables
yourself.  Alternatively, there may be a binary for your distribution.
I found string match in the POM of 20040621 in the string
subdirectory.

CAVEAT:  When you configure, all the examples use apostrophes or
quotes.  Do not include them or your string match will fail.

CAVEAT: Construct the string match very carefully or you will affect
something unintended.
--
buck



 Sat, 26 Apr 2008 03:39:19 GMT   
 netfilter string match

what do you mean patch? the latest download wouldnt be patched its the
latest. I'm not upgrading my present install, that was uninstalled and i'm
building from scratch. I downloaded iptables-1.3.4.tar.bz2 I dont see what
you would patch that with, there is nothing newer.
Eric



 Mon, 28 Apr 2008 00:08:29 GMT   
 netfilter string match

I mean just what I said.  The string match is not in the standard
iptables.   If you want it, you must add it using POM or obtain a
binary for your distro that includes it.  Stop screaming and read the
netfilter web site.
--
buck



 Mon, 28 Apr 2008 09:41:46 GMT   
 netfilter string match

Well, there's patches there, but its a "patch against 1.3.3"
at this address:
http://www.netfilter.org/projects/iptables/downloads.html

Where are the patches you mentioned? i just cant find them out there.
I found  a reference to them but no way to get them.
ie: http://www.netfilter.org/projects/patch-o-matic/pom-extra.html
Eric



 Tue, 29 Apr 2008 02:43:46 GMT   
 netfilter string match

maybe searching for download at the site (left frame) will help.
And have a closer look at the documentation!

cheers,
another Eric



 Tue, 29 Apr 2008 04:47:58 GMT   
 netfilter string match

I assumed (wrongly i guess)  that the 3 repositories (SVN Repository,
ftp Server & rsync Server) were the same but just different ways of getting
the files. I only looked in the SVN link and then went to browse CVS link
and the patches aren't there, but there are some in the ftp repository (I
hope its the right stuff patch-o-matic-20031219.tar.bz2 seems to be the
latest
Anyway, thanks
Eric



 Tue, 29 Apr 2008 16:02:16 GMT   
 netfilter string match

This is what you're looking for:

http://netfilter.org/projects/patch-o-matic/index.html

--
buck



 Wed, 30 Apr 2008 01:54:23 GMT   
 
   [ 8 post ] 

Similar Threads

1. IPv6 netfilter state matching: Invalid packets

2. Netfilter: Rule matching questions

3. String matching algorythm

4. Unix - Matching data string from 2 files

5. Append string to each line if it matches a pattern

6. Search for best matched portion of a string

7. XPosting: Search for best matched string

8. rm Non-Matching string

9. Regular expression: matching one string and not the other


 
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group.
Designed by ST Software