
Re: give multible ports a/o ips to iptables [fixed: problems with firehol...]



On 01/09/2004 Mike Mestnik wrote:
> There are several things you can do.  I would make a new table called
> local_rules or something and put each "-p tcp --?port" rule in there.
> Then it's as easy as "-d ??.??.128.98 -j local_rules" and "-d ??.??.128.99
> -j local_rules".

wee, sounds very interesting, but how do i create this rule "local_rules"?

> There is also "-m multiport "...
> This  module  matches  a  set of source or destination ports.  Up to 15
> ports can be specified.  It can only be used in conjunction with -p tcp or
> -p udp.
> 
>        --source-ports port[,port[,port...]]
>        --destination-ports port[,port[,port...]]
>        --ports port[,port[,port...]]

also interesting, but i really don't know how to use it.

the manpage tells me that it's a module, so i have to load it into
the kernel, but afterwards?

after loading the module, simply replace --dport and --sport with
--destination-ports and --source-ports and give 5 ips as arguments
instead of one, correct?

bye
 jonas
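
The user-defined chain and the multiport match discussed in this message, as an added example that is not part of the original thread: `iptables -N` creates the chain, and the script splits a port list into groups that respect the 15-port limit quoted above. The 192.0.2.x addresses, the port list, the INPUT chain and the ACCEPT target are assumptions.

```shell
#!/bin/sh
# Added example: prints the iptables commands instead of running them, so the
# ruleset can be reviewed first. Addresses, ports, INPUT and ACCEPT are assumptions.
CHAIN=local_rules   # chain name from the thread
MAX_PORTS=15        # multiport limit quoted from the man page

# Succeeds only for a non-empty comma-separated list of plain numeric ports.
valid_ports() {
    case ",$1," in
        *,,*|*[!0-9,]*) return 1 ;;
    esac
}

# Print one multiport rule per group of at most MAX_PORTS ports.
# usage: multiport_rules <chain> <proto> <port,port,...>
multiport_rules() {
    valid_ports "$3" || { echo "bad port list: $3" >&2; return 1; }
    group= count=0
    old_ifs=$IFS; IFS=,
    for port in $3; do
        group=${group:+$group,}$port
        count=$((count + 1))
        if [ "$count" -eq "$MAX_PORTS" ]; then
            echo "iptables -A $1 -p $2 -m multiport --destination-ports $group -j ACCEPT"
            group= count=0
        fi
    done
    IFS=$old_ifs
    [ -z "$group" ] ||
        echo "iptables -A $1 -p $2 -m multiport --destination-ports $group -j ACCEPT"
}

# Create the chain, fill it, then jump to it once per destination address.
# usage: build_ruleset <proto> <port,port,...> <ip>...
build_ruleset() {
    proto=$1 ports=$2; shift 2
    rules=$(multiport_rules "$CHAIN" "$proto" "$ports") || return 1
    echo "iptables -N $CHAIN"
    echo "$rules"
    for ip in "$@"; do
        echo "iptables -A INPUT -d $ip -j $CHAIN"
    done
}

# Constructed sample: four TCP ports shared by two documentation-range addresses.
build_ruleset tcp 22,25,80,443 192.0.2.98 192.0.2.99
```

The port list is validated before anything is printed, so a malformed list produces no partial ruleset.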


