I’ve had issues with L7 filtering before, but I decided to pass it up. This new project is something that I’ve followed through on and involves L7.
I built a simple port knocker that uses UDP and a password in each packet. To begin with, the rules weren’t matching at all. So I changed the password to a single word in the program and also in the L7 regexp and the rule passed. I changed it back, and it did not work still. The exact password attempts are as follows.
works:
test
Thomas
we be knockin!
does not work:
We be knockin!
The L7 regexp that does not work is:
^We be knockin!$
It does work if I change the regexp to:
^we be knockin!$
I thought that maybe the caps was giving it fits, so that’s why i tried it with “Thomas”. The regexp would include the carat and the dollar sign as shown in the previous 2 regexp examples. But it works with caps. What’s wrong with the one that I want to work?
My previous L7 project that I never could get to work was for HTTP. I tried 2-3 different regexps for HTTP that I found online, and they never did match up. The one I specifically used was found in the MikroTik wiki. What am I doing wrong here? I’m not really worried too much about the HTTP at this time until I finish up this current project.
Thanks!