iptables -I INPUT 1 -p tcp --dport 80 -m string --string "domain.com" --algo kmp -j DROP
=======================================================================
iptables -I INPUT 1 -p tcp --dport 80 -m string --string "cmd.exe" --algo bm -j DROP
=======================================================================
iptables -I INPUT 1 -p udp --dport 53 -m string --string "x99moyu" --algo kmp -j DROP
=======================================================================
string This modules matches a given string by using somepattern matching strategy. It requires a linux kernel >= 2.6.14. --algo bm|kmp Select the pattern matching strategy. (bm = Boyer-Moore, kmp = Knuth-Pratt-Morris) --from offset Set the offset from which it starts looking for anymatching. If not passed, default is 0. --to offset Set the offset to which it starts looking for anymatching. If not passed, default is the packet size. --string pattern Matches the given pattern. --hex-string patternMatches the given pattern in hex notation. |
여행
윈도우서버 
