Hi,
you can use
iptables -A INPUT -p tcp --dport 80 -m string --algo bm --string "bad" -j DROP
---
Manish Kumar Arya
On Thu, 4 Apr 2002 08:36:13
Patrick Schaaf wrote:
>On Wed, Apr 03, 2002 at 01:06:26PM -0500, Errol U. Neal wrote:
>> Is it possible to use the string module to filter the body of a http
>> request for possible keywords?
>
>No. The string can be used to filter the content of a single data packet
>for a keyword. It has no knowledge of HTTP protocol, headers, and bodies.
>It cannot be used to match across packet boundaries, and packet boundaries
>are arbitrary, in principle, with TCP based protocols.
>
>As Fabrice Marie already pointed out, this has been extensively discussed
>here, with the resolution always being to use a HTTP proxy (e.g. squid)
>for the filtering, along with the iptables REDIRECT NAT feature to
>transparently get the request _to_ the proxies. You can find a complete
>description of how to do that in the squid FAQ at www.squid-cache.org.
>Just look for "netfilter" there.
>
>best regards
> Patrick
>
>
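The packet-boundary limitation described in the quoted reply, as an added example that is not part of the original thread: a per-packet search (a simplified model of what a single-packet string match sees) is compared with a stream-level search of the kind a proxy can do after reassembly. The function names, the sample request and the segment split points are all constructed for illustration.

```python
KEYWORD = b"bad"

# Constructed sample request; the body "msg=badword" is 11 bytes long.
REQUEST = (b"POST /form HTTP/1.1\r\nHost: example.test\r\n"
           b"Content-Length: 11\r\n\r\nmsg=badword")


def split_at(data, *cuts):
    """Split a byte stream into TCP-like segments at the given offsets."""
    edges = [0, *cuts, len(data)]
    return [data[a:b] for a, b in zip(edges, edges[1:])]


def per_packet_match(segments, keyword=KEYWORD):
    """Model of a per-packet matcher: every payload is searched on its own."""
    return [keyword in seg for seg in segments]


class StreamMatcher:
    """Stream-level search that carries len(keyword)-1 bytes between segments."""

    def __init__(self, keyword=KEYWORD):
        self.keyword = keyword
        self.tail = b""      # last bytes of the stream seen so far
        self.offset = 0      # number of stream bytes consumed

    def feed(self, segment):
        window = self.tail + segment
        start = self.offset - len(self.tail)   # stream offset of window[0]
        hits = []
        i = window.find(self.keyword)
        while i != -1:
            hits.append(start + i)
            i = window.find(self.keyword, i + 1)
        self.offset += len(segment)
        keep = len(self.keyword) - 1
        # The tail is shorter than the keyword, so no hit is reported twice.
        self.tail = window[-keep:] if keep else b""
        return hits


def scan_stream(segments, keyword=KEYWORD):
    """Return stream offsets of every keyword hit across all segments."""
    matcher = StreamMatcher(keyword)
    return [hit for seg in segments for hit in matcher.feed(seg)]


if __name__ == "__main__":
    pos = REQUEST.find(KEYWORD)
    segments = split_at(REQUEST, pos + 1)      # boundary falls inside "bad"
    print("per-packet:", per_packet_match(segments))
    print("stream    :", scan_stream(segments))
```
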