We recently upgraded to distro version 10.13.66-16 Released 09-14-16 and after the reboot Iptables string matching is no longer working as it should.
e.g. The string below used to work and now it doesn’t
-A INPUT -p udp --dport 5060 -m string --string “INVITE sip:” --algo bm -j ACCEPT
However this works
-A INPUT -p udp --dport 5060 -m string --string “INVITE” --algo bm -j ACCEPT
I see it’s running iptables v1.4.7
Anyone aware of any changes in the iptables version used in the distro or anything else that could affect string matching in iptables?