allow only certain iptable string User-Agent
I have a Asterisk phone server and I get attacked every so often and I have all sorts of things that stop the attacks but recently am looking for a way to do with with User-Agent string and have all my external phones use a manipulated User agent and only allow user agents that are well what I allow..
I have no idea how to do this..
how do I drop all user agents
i know I could easily do
iptables -A INPUT -p udp --dport 5060 -m string --algo bm --string "User-Agent: cUStoM123TT" -j ACCEPT
but how do I start by dropping all unknown * User-Agent
how do I properly write this . Does anyone see any issues i would have with this?. would this work?
Last edited by charly78; 02-03-2016 at 11:51 PM.
|