From b1cdae87f25021eb835872d86d6e7206bd421c3f Mon Sep 17 00:00:00 2001 From: Bernie Harris Date: Wed, 21 Mar 2018 15:42:29 +1300 Subject: extensions: Add string filter to ebtables This patch is part of a proposal to add a string filter to ebtables, which would be similar to the string filter in iptables. Like iptables, the ebtables filter uses the xt_string module, however some modifications have been made for this to work correctly. Currently ebtables assumes that the revision number of all match modules is 0. The xt_string module doesn't register a match with revision 0 so the solution is to modify ebtables to allow extensions to specify a revision number, similar to iptables. This gets passed down to the kernel, which is then able to find the match module correctly. Signed-off-by: Bernie Harris Signed-off-by: Pablo Neira Ayuso --- ebtables.8 | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'ebtables.8') diff --git a/ebtables.8 b/ebtables.8 index 81d1cf6..e3290fe 100644 --- a/ebtables.8 +++ b/ebtables.8 
@@ -810,6 +810,26 @@ The hello time timer (0-65535) range. .TP .BR "--stp-forward-delay " "[!] [\fIdelay\fP][:\fIdelay\fP]" The forward delay timer (0-65535) range. +.SS string +This module matches on a given string using some pattern matching strategy. +.TP +.BR "--string-algo " "\fIalgorithm\fP" +The pattern matching strategy. (bm = Boyer-Moore, kmp = Knuth-Pratt-Morris) +.TP +.BR "--string-from " "\fIoffset\fP" +The lowest offset from which a match can start. (default: 0) +.TP +.BR "--string-to " "\fIoffset\fP" +The highest offset from which a match can start. (default: size of frame) +.TP +.BR "--string " "[!] \fIpattern\fP" +Matches the given pattern. +.TP +.BR "--string-hex " "[!] \fIpattern\fP" +Matches the given pattern in hex notation, e.g. '|0D 0A|', '|0D0A|', 'www|09|netfilter|03|org|00|' +.TP +.BR "--string-icase" +Ignore case when searching. .SS vlan Specify 802.1Q Tag Control Information fields. The protocol must be specified as -- cgit v1.2.3
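Review bot: In the --string-algo entry, "kmp = Knuth-Pratt-Morris" has the names in the wrong order; the algorithm is Knuth-Morris-Pratt, so the line should read "(bm = Boyer-Moore, kmp = Knuth-Morris-Pratt)". The same entry does not say whether --string-algo is required or has a default, while --string-from and --string-to both state theirs; add that. For --string-from and --string-to, say what offset 0 refers to (the "size of frame" default suggests the start of the Ethernet frame, but the text never states it), since a rule author choosing offsets to bound the search needs to know whether the Ethernet header is counted. Finally, --string-icase does not say whether it also applies to patterns given with --string-hex; one sentence would settle that.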