Packet Filtering..? Updated

Discussion in 'HyperWRT Firmware' started by Darkman_1969, Jan 16, 2005.

  1. Darkman_1969

    Darkman_1969 Network Guru Member

    I am looking for a way I can filter packets by HEX String. I would like to block packets containing a defined string. Is this possible with HyperWRT..?

    I need to do something like the following.

    If packet from *.*.*.*:5515 contains 0D:00:0D:00:0D then block, else allow.

    I have tried the following but the router won't accept it. Can anyone help me out here?

    iptables -I advgrp_2 -j logdrop -sport 5515 -m webstr --content 0D:00:0D:00:0D
  2. Darkman_1969

    Darkman_1969 Network Guru Member

    OK, here are things as they stand now.

    I found that the following is accepted.

    /usr/sbin/iptables -I FORWARD -p tcp --dport 5515 -m webstr --content 0D:00:0D:00:0D -j DROP

    My only question is what is the correct syntax for the string?

    Is it,

    Any help on this would be great as I can't find any info on the correct usage of HEX strings.

  3. sillygoose

    sillygoose Network Guru Member

    /usr/sbin/iptables -I FORWARD -p tcp --dport 5515 -m string --hex-string "|0D 00 0D 00 0D|" -j DROP
  4. Darkman_1969

    Darkman_1969 Network Guru Member

    Thanks sillygoose,
    it works now. But I had to reflash to Alchemy-LoneWolf for it to work.
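
Added example, not part of the thread and not iptables code: a small Python model of the `|..|` syntax used in the `--hex-string` rule above, showing which bytes the pattern stands for, that an unpiped colon-separated string is taken as literal text, and that the match is evaluated per packet. The function names and sample payloads are constructed for illustration, and the parser is an assumed simplification of the string match's syntax.

```python
import string

HEX = set(string.hexdigits)

def parse_hex_string(pattern: str) -> bytes:
    """Return the bytes a --hex-string style pattern searches for.

    Text between '|' characters is hex pairs (spaces ignored);
    text outside the pipes is literal ASCII.
    """
    out = bytearray()
    in_hex = False
    i = 0
    while i < len(pattern):
        ch = pattern[i]
        if ch == "|":                      # toggle hex / literal mode
            in_hex = not in_hex
            i += 1
        elif in_hex:
            if ch == " ":                  # separators inside |..| are skipped
                i += 1
                continue
            pair = pattern[i:i + 2]
            if len(pair) != 2 or not set(pair) <= HEX:
                raise ValueError(f"bad hex pair {pair!r} at offset {i}")
            out.append(int(pair, 16))
            i += 2
        else:
            out += ch.encode("ascii")      # literal character
            i += 1
    if in_hex:                             # this model rejects an unclosed section
        raise ValueError("unterminated '|' hex section")
    return bytes(out)

def packet_matches(payload: bytes, pattern: str) -> bool:
    """Substring search over one packet's payload (no stream reassembly)."""
    return parse_hex_string(pattern) in payload

# Constructed sample payloads, not captured traffic.
PATTERN = "|0D 00 0D 00 0D|"
WHOLE = b"HDR\x0d\x00\x0d\x00\x0dTAIL"
SPLIT = [b"HDR\x0d\x00\x0d", b"\x00\x0dTAIL"]  # same bytes in two segments

if __name__ == "__main__":
    print(parse_hex_string(PATTERN).hex(" "))          # bytes the rule looks for
    print(parse_hex_string("0D:00:0D:00:0D"))          # no pipes: literal text
    print(packet_matches(WHOLE, PATTERN))              # pattern inside one packet
    print([packet_matches(s, PATTERN) for s in SPLIT]) # pattern spans two packets
```

On current iptables builds the string match also requires an `--algo` option (`bm` or `kmp`), which the 2005 firmware in this thread did not need.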


