NetFilter

Re: How to match protocol 0

To: Netfilter Mailing List <netfilter@lists.netfilter.org>, Netfilter Developer Mailing List <netfilter-devel@lists.netfilter.org>
Subject: Re: How to match protocol 0
From: Jan Engelhardt <jengelh@linux01.gwdg.de>
Date: Sat, 2 Jun 2007 20:49:37 +0200 (MEST)
Cc: Phil Oester <kernel@linuxace.com>
In-reply-to: <20070430173654.GB6904@linuxace.com>
References: <20070428220206.GA26272@linuxace.com> <463524E7.60107@netfilter.org> <Pine.LNX.4.61.0704301038100.22744@yvahk01.tjqt.qr> <20070430171317.GA6904@linuxace.com> <Pine.LNX.4.61.0704301924021.29151@yvahk01.tjqt.qr> <20070430173654.GB6904@linuxace.com>
Hello all,


regarding your questions in
http://lists.netfilter.org/pipermail/netfilter/2007-April/068496.html 
and the thread
http://lists.netfilter.org/pipermail/netfilter-devel/2007-April/027675.html

I think it's actually quite easy. How about:

        iptables -m u32 --u32 "8&0x0F00=0"

This takes bytes 8+4 of a packet (bytes 8,9,10,11), ANDs them with 0x0F00, 
so as to get only byte 9 (which is the IPv4 field for the Layer4 
protocol), and checks whether it is 0.

(Yes, we would have to use a shift before comparing, but since we are 
comparing for protocol zero, it does not matter.)

Ok, everyone got that? :)


        Jan
-- 
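
Added example, not part of the original message: a small Python model of the simple u32 form "offset&mask=value", run over two constructed IPv4 headers, showing which header bytes a mask selects from the big-endian word loaded at offset 8. The helper names (ipv4_header, u32_word, u32_test, masked_field) and the sample addresses are assumptions made for illustration; shifts, ranges and the "@" and "&&" operators of u32 are not modelled.

```python
import socket
import struct

def ipv4_header(proto, ident=0, ttl=64):
    """Constructed 20-byte IPv4 header (documentation addresses), valid checksum."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, ident, 0, ttl, proto, 0,
                      socket.inet_aton("192.0.2.1"), socket.inet_aton("192.0.2.2"))
    s = sum(struct.unpack("!10H", hdr))
    while s >> 16:                        # fold carries (ones' complement sum)
        s = (s & 0xFFFF) + (s >> 16)
    return hdr[:10] + struct.pack("!H", ~s & 0xFFFF) + hdr[12:]

def u32_word(pkt, offset):
    """The 32-bit big-endian word u32 loads at `offset`, or None if it does not fit."""
    if offset + 4 > len(pkt):
        return None
    return struct.unpack_from("!I", pkt, offset)[0]

def u32_test(pkt, offset, mask, value):
    """Evaluate the simple u32 form "offset&mask=value" against pkt."""
    word = u32_word(pkt, offset)
    return word is not None and (word & mask) == value

def masked_field(mask):
    """Name the IPv4 header bytes a mask selects from the word at offset 8."""
    names = ["byte 8 (TTL)", "byte 9 (protocol)",
             "byte 10 (checksum)", "byte 11 (checksum)"]
    return [n for i, n in enumerate(names) if mask & (0xFF << (24 - 8 * i))]

if __name__ == "__main__":
    # Constructed samples: one protocol-0 header, one TCP header whose
    # IP id was chosen so that the checksum's byte 10 has a zero low nibble.
    samples = {"proto 0": ipv4_header(0),
               "TCP, id 0x0600": ipv4_header(6, ident=0x0600)}
    for mask in (0x0F00, 0x00FF0000):
        print(f"8&0x{mask:08X} selects {masked_field(mask)}")
        for name, pkt in samples.items():
            print(f"  {name:15} word=0x{u32_word(pkt, 8):08X} "
                  f"matches '=0': {u32_test(pkt, 8, mask, 0)}")
```

Because the word at offset 8 is TTL, protocol, then the two checksum bytes, a rule meant to match on the protocol field needs a mask covering bits 16-23 of that word (or offset 6 with mask 0xFF); testing a rule against a few known headers like this before loading it shows whether it keys on the intended field.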

