Network Troublshooting > Linux Servers Support
iptables string icase syntax
(1/1)
robbtek:
My system : CentOS 6.2 64bit and iptables-1.4.7-5.1
I want use iptables string module to block some http request .
I want to block some scan/attack like xss or sql-i :
example : block request by insert <script> in form .
My example syntax is :
--- Code: ---iptables -I INPUT -p tcp --dport 80 -m string --string "<script>" --algo bm --icase -j DROP
--- End code ---
But dont work .
I can use
--- Code: ---iptables -I INPUT -p tcp --dport 80 -m string --string "script" --algo bm --icase -j DROP
--- End code ---
But is very restrictive .
How can use string module and "--icase" with iptables to block request with specific string with ONE rule ?? .... example :
--- Code: ---<script>
<SCRIPT>
<ScRiPt>
<sCrIpT>
....
--- End code ---
thanks
Navigation
[0] Message Index
Go to full version