Hi Koba, yeh I just checked that and I was wrong, whoops. Thanks. Grx, The message I get trying to add your rule is : iptables v1.2.8: multiport can only have one option Try `iptables -h' or 'iptables --help' for more information. As it says, multiport can't have both --source-port and --destination-port in the same rule. I expect you'll need to drop multiport and just create 2 rules (as long as $EPHEMERAL_PORTS doesn't rely on the multiport functionality). John. On Mon, 2003-06-23 at 13:25, Koba wrote: > On 23 Jun 2003 10:23:36 +0100, John Leach <john@johnleach.co.uk> wrote: > > > Hi, uhrm, Grx, > > > > when using -m multiport it's: --destination-ports not > > --destination-port. > > > > John. > > > > On Sat, 2003-06-21 at 22:10, HdV@DTO.TUDelft.NL wrote: > >> > >> ... > >> The rule that is giving me trouble is this one: > >> > >> iptables -A OUTPUT -o $PUB_IFACE -p tcp \ > >> -m multiport --destination-port 443,4030 \ > >> -s $PUB_IP -m state --state NEW -j ACCEPT > >> ... > > iptables recongnizes "abbreviated" parameters. like --line for --line- > numbers or even --destination-p por --destination-ports > > I don't know if it's a bug or a feature. > > -- > Koba -- GPG KEY: B89C D450 5B2C 74D8 58FB A360 9B06 B5C2 26F0 3047 HTTP: http://www.johnleach.co.uk
Attachment:
signature.asc
Description: This is a digitally signed message part