Blame bootstrap_ver/extensions/libxt_string.man
|
Packit Service |
fa126c |
This modules matches a given string by using some pattern matching strategy. It requires a linux kernel >= 2.6.14.
|
|
Packit Service |
fa126c |
.TP
|
|
Packit Service |
fa126c |
\fB\-\-algo\fP {\fBbm\fP|\fBkmp\fP}
|
|
Packit Service |
fa126c |
Select the pattern matching strategy. (bm = Boyer-Moore, kmp = Knuth-Pratt-Morris)
|
|
Packit Service |
fa126c |
.TP
|
|
Packit Service |
fa126c |
\fB\-\-from\fP \fIoffset\fP
|
|
Packit Service |
fa126c |
Set the offset from which it starts looking for any matching. If not passed, default is 0.
|
|
Packit Service |
fa126c |
.TP
|
|
Packit Service |
fa126c |
\fB\-\-to\fP \fIoffset\fP
|
|
Packit Service |
fa126c |
Set the offset up to which should be scanned. That is, byte \fIoffset\fP-1
|
|
Packit Service |
fa126c |
(counting from 0) is the last one that is scanned.
|
|
Packit Service |
fa126c |
If not passed, default is the packet size.
|
|
Packit Service |
fa126c |
.TP
|
|
Packit Service |
fa126c |
[\fB!\fP] \fB\-\-string\fP \fIpattern\fP
|
|
Packit Service |
fa126c |
Matches the given pattern.
|
|
Packit Service |
fa126c |
.TP
|
|
Packit Service |
fa126c |
[\fB!\fP] \fB\-\-hex\-string\fP \fIpattern\fP
|
|
Packit Service |
fa126c |
Matches the given pattern in hex notation.
|
|
Packit Service |
fa126c |
.TP
|
|
Packit Service |
fa126c |
\fB\-\-icase\fP
|
|
Packit Service |
fa126c |
Ignore case when searching.
|
|
Packit Service |
fa126c |
.TP
|
|
Packit Service |
fa126c |
Examples:
|
|
Packit Service |
fa126c |
.IP
|
|
Packit Service |
fa126c |
# The string pattern can be used for simple text characters.
|
|
Packit Service |
fa126c |
.br
|
|
Packit Service |
fa126c |
iptables \-A INPUT \-p tcp \-\-dport 80 \-m string \-\-algo bm \-\-string 'GET /index.html' \-j LOG
|
|
Packit Service |
fa126c |
.IP
|
|
Packit Service |
fa126c |
# The hex string pattern can be used for non-printable characters, like |0D 0A| or |0D0A|.
|
|
Packit Service |
fa126c |
.br
|
|
Packit Service |
fa126c |
iptables \-p udp \-\-dport 53 \-m string \-\-algo bm \-\-from 40 \-\-to 57 \-\-hex\-string '|03|www|09|netfilter|03|org|00|'
|