Iptables and mobile data

Discussion in 'Server Operation' started by layman, Nov 3, 2014.

  1. layman

    layman New Member


    I have written an iptables rule to only allow certain mobile devices access to
    a specific web server.

    iptables -A filtermobile -p tcp --dport 80 -m string --to 700 --algo bm \
    --string 'Mozilla/5.0 (Linux; Android’ -j ACCEPT

    When working on local lan and wireless the rule matches the phrase
    within the tcp / http header /user agent field and filters accordingly.

    On mobile data networks, the rule fails due to only reading up to 200
    characters within the tcp / http header.

    Cannot work this one out as fragments have been disabled

    iptables -I INPUT 4 -p tcp -f -j DROP

    Any ideas?

    Many thanks
    The Layman

Share This Page