R
R
resident2015-03-04 18:24:02
firewall
resident, 2015-03-04 18:24:02

How to block traffic in LINUX by its content?

Good day to all! Actually there is a socks5 proxy, you need to block traffic going through it to the 25th port. How can I do that? As I understand it, you need to somehow watch the contents of the traffic itself and block it by content somehow.

Answer the question

In order to leave comments, you need to log in

3 answer(s)
S
Sergey, 2015-03-04
@butteff

You need to create rules in iptables for incoming connection to port 25 with proxy ip.
I don't remember exactly the syntax, but it seems the rule should be:
iptables -A INPUT -s 666.13.666.13/25 -j DROP

I
Ivan, 2015-03-06
@t3mp

By means of socks
3proxy itself: HowTo (English)
allow userlist sourcelist targetlist targetportlist
deny userlist sourcelist targetlist targetportlist
flush

A
Archie Kuznetsov, 2015-03-06
@Wolf4ara

depending on what is meant by content. if you know exactly the regular expression of the text you want to drop, then iptables has modules of the "string" type, with which you can find the necessary data and drop it.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question