Not really. iptables work at the network and transport layer, but what you want to do is inspect application level traffic and look for SQL commands. A reverse proxy would be a better approach.
(IMHO, the best way to prevent SQL injection is to make sure the web application doesn't have that vulnerability in the first place. That's pretty easy to do with stored procedures. You really don't want the application to build SQL query strings manually, and certainly not using client-supplied data.)
|