On 7/8/2014 9:45 AM, Ruud Baart wrote: > I have seen it and I already tried it based on your previous mail. I > updated shorewall to the latest version and added the rule: > > IPTABLES(DROP) wan1 $FW udp 53 ; -m string --hex-string > "|0000FF0001|" --algo bm > > It doesn't work the way I hoped: iptables -nvL shows 0 packets. After > your answer I changed the the rule to: > IPTABLES(DROP) wan1 $FW udp 53 ; -m string --from 50 --algo bm > --hex-string "|0000FF0001|" > > Still no success. But perhaps any suggestions to improve this rule?
No, I don't. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
