
I'm trying to use iptables with Modbus as a firewall. Is it possible to implement the two rules below as a single rule?

sudo iptables -A INPUT -p tcp --dport 4031 -m u32 ! --u32 "0>>22&0x3c @12>>26&0x3c @0>>24&0xff=0x11" -j REJECT
sudo iptables -A INPUT -p tcp --dport 4031 -m u32 ! --u32 "0>>22&0x3c @12>>26&0x3c @0&0xffff=0x0088,0x0089,0x008A" -j REJECT

iptables seems to accept the rule below, but I am unsure whether it works properly as an AND, as expected.

sudo iptables -A INPUT -p tcp --dport 4031 -m u32 ! --u32 "0>>22&0x3c @12>>26&0x3c @0>>24&0xff=0x11 && 0&0xffff=0x0088,0x0089,0x008A " -j REJECT

1 Answer


I've not used the u32 match engine a lot myself, but it looks like you could combine it, yes.

http://www.stearns.org/doc/iptables-u32.current.html

According to the documentation, you can chain with &&, so what you came up with should work fine:

sudo iptables -A INPUT -p tcp --dport 4031 -m u32 ! --u32 "0>>22&0x3c @12>>26&0x3c @0>>24&0xff=0x11 && 0>>22&0x3c @12>>26&0x3c @0&0xffff=0x0088,0x0089,0x008A" -j REJECT
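To see why the one-liner above repeats the IHL/TCP-header chain in each && test, here is a small evaluator of that u32 subset, written for this page (it is not code from the question, the answer or iptables) and run on a constructed IPv4/TCP packet. It follows the offset rules of the kernel's xt_u32 match, where every test after && starts again at packet offset 0, so the shorter "&& 0&0xffff=..." from the question ends up comparing the IP total-length field instead of the payload.

```python
import re
import struct

def _read32(pkt: bytes, off: int) -> int:
    # xt_u32 fails the whole test when the 4-byte read would run past the packet
    if off < 0 or off + 4 > len(pkt):
        raise IndexError("read past end of packet")
    return struct.unpack_from("!I", pkt, off)[0]

def u32_match(expr: str, pkt: bytes) -> bool:
    """Evaluate the u32 subset used on this page (>> & @, '=' with a comma list,
    '&&' between tests). As in xt_u32, each test after '&&' restarts at offset 0."""
    for test in expr.split("&&"):
        lhs, rhs = test.split("=")
        wanted = {int(v, 0) for v in rhs.split(",")}   # page values carry the 0x prefix
        toks = re.findall(r"@|>>|&|0x[0-9a-fA-F]+|\d+", lhs)
        try:
            at = 0                                     # base offset, moved by '@'
            val = _read32(pkt, int(toks[0], 0))
            for op, num in zip(toks[1::2], toks[2::2]):
                n = int(num, 0)
                if op == "&":
                    val &= n
                elif op == ">>":
                    val >>= n
                else:                                  # '@': base += value, read at base+n
                    at += val
                    val = _read32(pkt, at + n)
        except IndexError:
            return False
        if val not in wanted:
            return False
    return True                                        # '! --u32' rejects when this is False

def build_packet(payload: bytes, ihl_words: int = 5, tcp_words: int = 5) -> bytes:
    """Constructed IPv4/TCP packet; only the header-length fields the chain reads are set."""
    ip = bytearray(ihl_words * 4)
    ip[0] = 0x40 | ihl_words                           # version 4, IHL in 32-bit words
    struct.pack_into("!H", ip, 2, len(ip) + tcp_words * 4 + len(payload))   # total length
    tcp = bytearray(tcp_words * 4)
    struct.pack_into("!H", tcp, 2, 4031)               # destination port from the page
    tcp[12] = tcp_words << 4                           # TCP data offset in 32-bit words
    return bytes(ip) + bytes(tcp) + payload

# Constructed payload: first byte 0x11, bytes 2-3 = 0x0088, as the rules expect.
PAYLOAD = bytes.fromhex("11000088") + bytes(8)
CHAIN = "0>>22&0x3c @12>>26&0x3c @"                  # IP header -> TCP header -> payload
ANSWER_RULE = CHAIN + "0>>24&0xff=0x11 && " + CHAIN + "0&0xffff=0x0088,0x0089,0x008A"
QUESTION_RULE = CHAIN + "0>>24&0xff=0x11 && 0&0xffff=0x0088,0x0089,0x008A"
```

Because the rules use ! --u32, REJECT fires whenever u32_match returns False, so the combined expression only behaves like the two separate rules when both tests walk all the way to the payload; the question's version would reject this legitimate packet.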

