¿ù°£ Àα⠰Խù°

°Ô½Ã¹° 111°Ç
   
Netfilter weburl Match
±Û¾´ÀÌ : ÃÖ°í°ü¸®ÀÚ ³¯Â¥ : 2010-01-05 (È­) 10:22 Á¶È¸ : 9381
±ÛÁÖ¼Ò :
weburl.tar.gz (22.9K), Down : 6, 2010-08-23 11:21:34
                             

ÆÄÀÏ´Ù¿î : https://svn.assembla.com/svn/gargoyle-router/trunk/netfilter-match-modules/weburl/


# Ä¿³Î¼Ò½º¿¡ º¹»ç (Ä¿³Î¼Ò½º : /usr/src/linux)
cp -r module/* /usr/src/linux/net/ipv4/netfilter/
cp header/* /usr/src/linux/include/linux/netfilter_ipv4/


# /usr/src/linux/net/ipv4/netfilter/Kconfig ÆÄÀϼöÁ¤
 - °¡À帶Áö¸· ¶óÀÎ endmenu À§ÂÊ¿¡ ¾Æ·¡ ¹®±¸ »ðÀÔ

config IP_NF_MATCH_WEBURL
    tristate "WEBURL match support"
    depends on IP_NF_IPTABLES
    help
      This option makes possible to match WEBURL
      ranges.

      To compile it as a module, choose M here.  If unsure, say N.


# /usr/src/linux/net/ipv4/netfilter/Makefile ÆÄÀϼöÁ¤

 - °¡Àå ¸¶Áö¸· ¶óÀο¡ ¾Æ·¡¹®±¸ »ðÀÔ

obj-$(CONFIG_IP_NF_MATCH_WEBURL) += ipt_weburl.o


# make oldconfig    ¸ðµâüũ
    WEBURL match support (IP_NF_MATCH_WEBURL) [N/m/?] (NEW) m


# make modules && make modules_install


 Ä¿³ÎÆÐÄ¡ ¿Ï·á.... The END



# iptables ¼öÁ¤
 - ´Ù¿î¹ÞÀº ÆÄÀÏ º¹»ç
cp extension/libipt_weburl.c  /usr/src/iptables/extensions/
cp header/ipt_weburl.h /usr/src/iptables/include/linux/netfilter_ipv4

extension/libipt_weburl.c ¼öÁ¤

static struct iptables_match weburl =               # ¼öÁ¤ iptables ==> xtables
{
    .next       = NULL,
    .name       = "weburl",
    .version    = IPTABLES_VERSION,
    .size       = IPT_ALIGN(sizeof(struct ipt_weburl_info)),
    .userspacesize  = IPT_ALIGN(sizeof(struct ipt_weburl_info)),
    .help       = &help,
    .parse      = &parse,
    .final_check    = &final_check,
    .print      = &print,
    .save       = &save,
    .extra_opts = opts
};


void _init(void)
{
    register_match(&webrul);    # ¼öÁ¤  xtables_register_match
}

weburl options:
  --contains [!] [STRING]
  --contains_regex [!] [REGEX]
 --matches_exactly [!] [STRING]
 --domain_only
 --path_only


ÃÖ°í°ü¸®ÀÚ 2012-03-06 (È­) 15:00
iptables -A INPUT -m string --string "XXXXXXXXXX" --algo bm --to 512 -d XXX.XXX.XXX.XXX  -j DROP
À̸§ Æнº¿öµå
ºñ¹Ð±Û (üũÇÏ¸é ±Û¾´À̸¸ ³»¿ëÀ» È®ÀÎÇÒ ¼ö ÀÖ½À´Ï´Ù.)
¿ÞÂÊÀÇ ±ÛÀÚ¸¦ ÀÔ·ÂÇϼ¼¿ä.
   

 



 
»çÀÌÆ®¸í : ¸ðÁö¸®³× | ´ëÇ¥ : ÀÌ°æÇö | °³ÀÎÄ¿¹Â´ÏƼ : ·©Å°´åÄÄ ¿î¿µÃ¼Á¦(OS) | °æ±âµµ ¼º³²½Ã ºÐ´ç±¸ | ÀüÀÚ¿ìÆí : mojily°ñ¹ðÀÌchonnom.com Copyright ¨Ï www.chonnom.com www.kyunghyun.net www.mojily.net. All rights reserved.