Packet Filtering..? Updated

Discussion in 'HyperWRT Firmware' started by Darkman_1969, Jan 16, 2005.

  1. Darkman_1969

    Darkman_1969 Network Guru Member

    I am looking for a way I can filter packets by hex string. I would like to block packets containing a defined string. Is this possible with HyperWRT?

    I need to do something like the following.

    If packet from *.*.*.*:5515 contains 0D:00:0D:00:0D then block, else allow.

    I have tried the following but the router won't accept it, can anyone help me out here.

    iptables -I advgrp_2 -j logdrop -sport 5515 -m webstr --content 0D:00:0D:00:0D
     
  2. Darkman_1969

    Darkman_1969 Network Guru Member

    OK, here are things as they stand now.

    I found that the following is accepted.

    /usr/sbin/iptables -I FORWARD -p tcp --dport 5515 -m webstr --content 0D:00:0D:00:0D -j DROP

    My only question is what is the correct syntax for the string?

    Is it,
    0D:00:0D:00:0D
    or
    "0D:00:0D:00:0D"
    or
    "0D000D000D"
    or
    0D000D000D

    Any help on this would be great as I can't find any info on the correct usage of hex strings.

    Thanks.
     
  3. sillygoose

    sillygoose Network Guru Member

    try
    /usr/sbin/iptables -I FORWARD -p tcp --dport 5515 -m string --hex-string "|0D 00 0D 00 0D|" -j DROP
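
The pipe syntax in the reply above, shown as an added example that is not part of the original post: a simplified Python model of how a `--hex-string` style pattern maps to the bytes being matched, which shows why the unpiped forms asked about earlier would be treated as literal text. The function names and the sample payload are constructed for illustration, and backslash escapes are not modelled.

```python
"""Added example: simplified model of an iptables --hex-string style pattern.

Text between '|' characters is read as hex byte pairs (spaces ignored);
text outside the pipes is taken literally, one byte per character.
"""
import string

HEX = set(string.hexdigits)


def parse_hex_string(pattern: str) -> bytes:
    """Turn a pattern such as '|0D 00 0D 00 0D|' into the bytes to match."""
    out = bytearray()
    in_hex = False
    i = 0
    while i < len(pattern):
        ch = pattern[i]
        if ch == "|":                      # a pipe toggles hex mode
            in_hex = not in_hex
            i += 1
        elif not in_hex:                   # literal text outside the pipes
            out += ch.encode("latin-1")
            i += 1
        elif ch == " ":                    # spaces between hex pairs are ignored
            i += 1
        else:                              # hex mode: two hex digits per byte
            pair = pattern[i:i + 2]
            if len(pair) != 2 or not set(pair) <= HEX:
                raise ValueError(f"bad hex pair {pair!r} at offset {i}")
            out.append(int(pair, 16))
            i += 2
    if in_hex:                             # this sketch rejects an unclosed pipe
        raise ValueError("unterminated '|' in pattern")
    return bytes(out)


def would_match(pattern: str, payload: bytes) -> bool:
    """True if the parsed pattern occurs anywhere in the payload."""
    return parse_hex_string(pattern) in payload


# Constructed payload containing the byte sequence from the thread.
SAMPLE = b"\x01\x02\x0d\x00\x0d\x00\x0d\xff"

if __name__ == "__main__":
    for p in ("|0D 00 0D 00 0D|", "0D:00:0D:00:0D", "0D000D000D"):
        parsed = parse_hex_string(p)
        print(f"{p!r:22} -> {parsed.hex(' ')}  match={would_match(p, SAMPLE)}")
```

Without the pipes, `0D:00:0D:00:0D` becomes 14 ASCII bytes rather than the 5 raw bytes intended, so it never matches the binary payload.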
     
  4. Darkman_1969

    Darkman_1969 Network Guru Member

    Thanks sillygoose,
    it works now. But I had to reflash to Alchemy-LoneWolf for it to work.

    Regards
     