All of lore.kernel.org
 help / color / mirror / Atom feed
From: Joel Newkirk <firewalldude@newkirk.us>
To: tedkaz@optonline.net
Cc: netfilter@lists.netfilter.org
Subject: Re: udp/tcp port range rules for forward/input chains
Date: Wed, 15 Oct 2003 02:27:12 -0400	[thread overview]
Message-ID: <1066199232.20310.4.camel@alpha.newkirk.us> (raw)
In-Reply-To: <1066187418.14600.28.camel@tarkus>

On Tue, 2003-10-14 at 23:10, Ted Kaczmarek wrote:
> Digging around the only thing I found was a patch-o-matic that allowed
> for doing a range of 15 ports.
> 
> I see many references with dnat and snat, but nothing besides the patch
> for input or forward chains.
> 
> If anyone has a link that or info that can steer me in the right
> direction the beers are on me at the Javits Center Linux show.
> 
> Thanks,
> Ted

Do you mean something like specifying tpc port 135 through 139 in a
single rule?

iptables -A INPUT -i $EXTIF -p tcp --dport 135:139 -j DROP

If you mean non-contiguous ports, you're looking at multiport:

iptables -A INPUT -p tcp -m mulitport --dport 21,25,80,110,143,443 -j
ACCEPT

Multiport is limited to 15 ports per rule.

j




  reply	other threads:[~2003-10-15  6:27 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-10-15  3:10 udp/tcp port range rules for forward/input chains Ted Kaczmarek
2003-10-15  6:27 ` Joel Newkirk [this message]
2003-10-16 21:34   ` Ted Kaczmarek
2003-10-16 21:49     ` Joel Newkirk

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1066199232.20310.4.camel@alpha.newkirk.us \
    --to=firewalldude@newkirk.us \
    --cc=netfilter@lists.netfilter.org \
    --cc=tedkaz@optonline.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.