Is iptables string matching still supported?

linux-kernel iptables netfilter
5,181

Yes, the string extension is still supported (see also your local man iptables-extensions documentation). No, you can’t match against encrypted payloads — they’re still encrypted in the filtering layer...

Share:
5,181
Corey
Author by

Corey

Updated on September 18, 2022

Comments

  • Corey
    Corey over 1 year

    I was reading the book Linux Firewalls - Attack Detection and Response (by M. Rash, No Starch Press, 1 Ed., Oct. 2007). In one of its chapter it discusses string matching using iptables. I was wondering:

    • if string matching is still supported by Linux kernel and iptables/Netfilter
    • if yes, can string matching search the encrypted payloads (e.g. HTTPS packets)?

    I searched the net but most of the links are old, and the book itself is published in 2007.

    • ilkkachu
      ilkkachu over 6 years
      I very much suspect that whatever it is you're doing, your iptables modules don't have the keys to any encrypted contents within the packets passing through them
  • Stephen Kitt
    Stephen Kitt over 6 years
    By “filtering layer” I just meant the part of the kernel which handles packet filtering (iptables etc.).

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How is the IFB device positioned in the packet flow of the Linux kernel
Using sk_buff to add an Ethernet frame header
Print TCP Packet Data
How to make all outgoing RST drop
forward packets from one interface to another interface using iptables
How to match properly against an IP set of type 'hash:ip,port'?
URL Filtering with IP tables
-o in iptables is for specifying the interface for OUTPUT, FORWARD, and POSTROUTING Correct?
How to list all network connections Centos 7 (Connection tracking)
Best way to filter/limit ARP packets on embedded Linux