Question regarding IPTables - Heartbleed Attack
by mb1994 from LinuxQuestions.org on (#5B8H2)
I am creating an IP rule to block potential heartbeat attacks. I see online that the standard iptable to block a heartbeat attack is: iptables -t filter -A INPUT -p tcp --dport 443 -m u32 --u32 \ "52=0x18030000:0x1803FFFF" -j DROP
I was wondering if you could assist me with understanding what "m u32 --u32 \ "52=0x18030000:0x1803FFFF" means. I understand that this is using the u32 iptables moudle but have no idea what "52=0x18030000:0x1803FFFF" means? Where does "52=0x18030000:0x1803FFFF" come from?
I was wondering if you could assist me with understanding what "m u32 --u32 \ "52=0x18030000:0x1803FFFF" means. I understand that this is using the u32 iptables moudle but have no idea what "52=0x18030000:0x1803FFFF" means? Where does "52=0x18030000:0x1803FFFF" come from?