
Re: give multible ports a/o ips to iptables [fixed: problems with firehol...]



On 09/09/2004 Jonas Meurer wrote:
> now i understand ;) i assume that using more than one -m options is ok
> at all, and now have in firehol.conf:
> 
> iptables -A INPUT  -i eth0 -m state --state NEW \
> 		-m multiport --dports 210,215,220,225,230 \
> 		-p tcp -d 62.75.128.98/31 -j ACCEPT
> iptables -A OUTPUT -o eth0 -m state --state ESTABLISHED,RELATED \
> 		-m multiport --sports 210,215,220,225,230 \
> 		-p tcp -s 62.75.128.98/31 -j ACCEPT

sorry, but this doesn't work. the -p tcp is needed by multiport so i
changed the rules to:
iptables -A INPUT  -i eth0 -m state --state NEW \
		-m multiport -p tcp --dports 210,215,220,225,230 \
		-d 62.75.128.98/31 -j ACCEPT

iptables -A OUTPUT -o eth0 -m state --state ESTABLISHED,RELATED \
		-m multiport -p tcp --sports 210,215,220,225,230 \
		-s 62.75.128.98/31 -j ACCEPT

everything's ok with these lines?

bye
 jonas
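
The ordering point from this message as a check, added here as an example and not part of the original post: `lint_rule` (a hypothetical helper, not an iptables or firehol command) walks a rule in argument order and reports a multiport port list that appears before `-p`, an unknown `--state` name, or more than 15 ports. The two sample rules are the INPUT rule from the post, before and after the change, joined onto one line.

```shell
#!/bin/sh
# Added example: lint_rule is a hypothetical helper, not part of iptables or firehol.
# It reads one rule (continuation lines already joined) in argument order.
lint_rule() {
    proto="" multiport=0 want="" found=""
    set -f                                  # split on whitespace without globbing
    for tok in $1; do
        case "$want" in
            proto) proto=$tok ;;
            match) if [ "$tok" = multiport ]; then multiport=1; fi ;;
            state)
                for s in $(printf '%s' "$tok" | tr ',' ' '); do
                    case "$s" in
                        NEW|ESTABLISHED|RELATED|INVALID|UNTRACKED) ;;
                        *) found="$found bad-state:$s" ;;
                    esac
                done ;;
            ports)
                # multiport takes at most 15 ports; a range a:b counts as two
                n=$(printf '%s' "$tok" | tr ',:' '\n\n' | grep -c . || true)
                if [ "$n" -gt 15 ]; then found="$found too-many-ports:$n"; fi ;;
        esac
        if [ -n "$want" ]; then want=""; continue; fi
        case "$tok" in
            -p|--protocol) want=proto ;;
            -m|--match)    want=match ;;
            --state)       want=state ;;
            --dports|--sports|--ports)
                want=ports
                if [ "$multiport" -eq 0 ]; then found="$found ports-before-multiport"; fi
                case "$proto" in
                    tcp|udp|udplite|sctp|dccp) ;;      # protocols multiport accepts
                    *) found="$found no-proto-before$tok" ;;
                esac ;;
        esac
    done
    set +f
    if [ -z "$found" ]; then echo ok; return 0; fi
    echo "${found# }"; return 1
}

# INPUT rule from the post: as first quoted, then with -p tcp moved before --dports.
BEFORE='iptables -A INPUT -i eth0 -m state --state NEW -m multiport --dports 210,215,220,225,230 -p tcp -d 62.75.128.98/31 -j ACCEPT'
AFTER='iptables -A INPUT -i eth0 -m state --state NEW -m multiport -p tcp --dports 210,215,220,225,230 -d 62.75.128.98/31 -j ACCEPT'
lint_rule "$BEFORE" || true
lint_rule "$AFTER"
```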


