Commit 29f66aa1 authored by Kaarle Ritvanen's avatar Kaarle Ritvanen

string match

parent adc33e79
......@@ -349,6 +349,25 @@ attributes:
order specified by <strong>args</strong>
</td>
</tr>
<tr>
<td><strong>string</strong></td>
<td>
String or object containing at least an attribute named
<strong>match</strong> and optionally one or more of the
following: <strong>algo</strong>, <strong>from</strong>, and
<strong>to</strong>.
</td>
<td>
Packet contains the given plain string or the one defined by
the <strong>match</strong> attribute. Attributes
<strong>from</strong> and <strong>to</strong> can be used to
constrain the search to the specific byte range of the
packet. The used algorithm may be selected using the
<strong>algo</strong> attribute. The allowed values are
<strong>bm</strong> for Boyer&ndash;Moore (default) and
<strong>kmp</strong> for Knuth&ndash;Pratt&ndash;Morris.
</td>
</tr>
</tbody>
</table>
......
......@@ -536,6 +536,25 @@ function M.Rule:trules()
ofrags = combinations(ofrags, ipsetofrags)
end
if self.string then
if type(self.string) == 'string' then
self.string = {match=self.string}
end
if not self.string.match then self:error('String match not defined') end
setdefault(self.string, 'algo', 'bm')
local opts = '-m string --string "'..
self.string.match:gsub('(["\\])', '\\%1')..'"'
for _, attr in ipairs{'algo', 'from', 'to'} do
if self.string[attr] then
opts = opts..' --'..attr..' '..self.string[attr]
end
end
ofrags = combinations(ofrags, {{match=opts}})
end
if self.match then ofrags = combinations(ofrags, {{match=self.match}}) end
ofrags = combinations(ofrags, self:servoptfrags())
......@@ -643,7 +662,7 @@ function M.Rule:extrarules(label, cls, options)
for _, attr in ipairs(
extend(
{'in', 'out', 'src', 'dest', 'ipset', 'match', 'service'},
{'in', 'out', 'src', 'dest', 'ipset', 'string', 'match', 'service'},
options.attrs
)
) do
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment