Re: How to match protocol 0

To:	Netfilter Mailing List <netfilter@lists.netfilter.org>, Netfilter Developer Mailing List <netfilter-devel@lists.netfilter.org>
Subject:	Re: How to match protocol 0
From:	Jan Engelhardt <jengelh@linux01.gwdg.de>
Date:	Sat, 2 Jun 2007 23:19:52 +0200 (MEST)
Cc:	Phil Oester <kernel@linuxace.com>
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	netfilter-list1@securepoint.com
In-reply-to:	<Pine.LNX.4.61.0706022042100.5076@yvahk01.tjqt.qr>
List-archive:	</pipermail/netfilter>
List-help:	<mailto:netfilter-request@lists.netfilter.org?subject=help>
List-id:	General discussion and user questions <netfilter.lists.netfilter.org>
List-post:	<mailto:netfilter@lists.netfilter.org>
List-subscribe:	<https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=subscribe>
List-unsubscribe:	<https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=unsubscribe>
References:	<20070428220206.GA26272@linuxace.com> <463524E7.60107@netfilter.org> <Pine.LNX.4.61.0704301038100.22744@yvahk01.tjqt.qr> <20070430171317.GA6904@linuxace.com> <Pine.LNX.4.61.0704301924021.29151@yvahk01.tjqt.qr> <20070430173654.GB6904@linuxace.com> <Pine.LNX.4.61.0706022042100.5076@yvahk01.tjqt.qr>
Sender:	netfilter-bounces@lists.netfilter.org

To:

Netfilter Mailing List <netfilter@lists.netfilter.org>, Netfilter Developer Mailing List <netfilter-devel@lists.netfilter.org>

Subject:

Re: How to match protocol 0

From:

Jan Engelhardt <jengelh@linux01.gwdg.de>

Date:

Sat, 2 Jun 2007 23:19:52 +0200 (MEST)

Cc:

Phil Oester <kernel@linuxace.com>

Delivered-to:

sp-com-lists@consult.net

Delivered-to:

netfilter-list1@securepoint.com

In-reply-to:

<Pine.LNX.4.61.0706022042100.5076@yvahk01.tjqt.qr>

List-archive:

</pipermail/netfilter>

List-help:

<mailto:netfilter-request@lists.netfilter.org?subject=help>

List-id:

General discussion and user questions <netfilter.lists.netfilter.org>

List-post:

<mailto:netfilter@lists.netfilter.org>

List-subscribe:

<https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=subscribe>

List-unsubscribe:

<https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=unsubscribe>

References:

<20070428220206.GA26272@linuxace.com> <463524E7.60107@netfilter.org> <Pine.LNX.4.61.0704301038100.22744@yvahk01.tjqt.qr> <20070430171317.GA6904@linuxace.com> <Pine.LNX.4.61.0704301924021.29151@yvahk01.tjqt.qr> <20070430173654.GB6904@linuxace.com> <Pine.LNX.4.61.0706022042100.5076@yvahk01.tjqt.qr>

Sender:

netfilter-bounces@lists.netfilter.org


On Jun 2 2007 20:49, Jan Engelhardt wrote:
>Hello all,
>
>
>regarding your questions in
>http://lists.netfilter.org/pipermail/netfilter/2007-April/068496.html 
>and the thread
>http://lists.netfilter.org/pipermail/netfilter-devel/2007-April/027675.html
>
>I think it's actually quite easy. How about:
>
>       iptables -m u32 --u32 "8&0x0F00=0"

minor glitch, it should read:
for TCP (prot  6): iptables -m u32 --u32 "8 & 0x00FF0000 = 0x00060000"
for UDP (prot 17): iptables -m u32 --u32 "8 & 0x00FF0000 = 0x00110000"
for HBH (prot  0): iptables -m u32 --u32 "8 & 0x00FF0000 = 0x00000000"

(Leading zeroes can be omitted of course.)
And, for example completeness, have some shift,

TCP: iptables -m u32 --u32 "8 & 0xFF0000 >> 16 = 6"

Happy matching.



        Jan
--

<Prev in Thread]	Current Thread	[Next in Thread>
Re: How to match protocol 0, Jan Engelhardt Re: How to match protocol 0, Jan Engelhardt <=

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Re: syn DDoS attack solution, R. DuFresne
Next by Date:	[PATCH 0/2] xt_u32 - match arbitrary bits and bytes of a packet, Jan Engelhardt
Previous by Thread:	Re: How to match protocol 0, Jan Engelhardt
Next by Thread:	[PATCH 0/2] xt_u32 - match arbitrary bits and bytes of a packet, Jan Engelhardt
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Re: syn DDoS attack solution, R. DuFresne

Next by Date:

[PATCH 0/2] xt_u32 - match arbitrary bits and bytes of a packet, Jan Engelhardt

Previous by Thread:

Re: How to match protocol 0, Jan Engelhardt

Next by Thread:

[PATCH 0/2] xt_u32 - match arbitrary bits and bytes of a packet, Jan Engelhardt

Indexes:

[Date] [Thread] [Top] [All Lists]