Re: iptables rules : two in one

To: <debian-firewall@lists.debian.org>
Subject: Re: iptables rules : two in one
From: "Andrey Kozlov" <unrealbox@gmail.com>
Date: Sun, 1 Oct 2006 00:49:48 +0300
Message-id: <[🔎] 002d01c6e4da$5a9622b0$021111ac@pc>
References: <[🔎] 451E82E7.5070208@yahoo.co.uk>

Hello,

with use connection tracking you can define common rules for ongoingtraffic on top of you rule set:


iptables -A INPUT  -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

and then add specific rules for any required services, e.g.:

iptables -A OUTPUT -o eth0 -p tcp --sport $UNPRIVPORTS \

-d pop.mail.yahoo.co.uk --dport 110 -m state --state NEW -jACCEPT


iptables -A OUTPUT -o eth0 -p tcp --sport $UNPRIVPORTS \
       -d pop.1and1.fr --dport 110 -m state --state NEW -j ACCEPT

--
Regards,
Kozlov Andrey.

I have got some iptables rules suche as :

Code:

       iptables -A OUTPUT -o eth0 -p tcp -d pop.mail.yahoo.co.uk
--dport 110 --sport $UNPRIVPORTS -m state --state
NEW,ESTABLISHED,RELATED -j ACCEPT
       iptables -A OUTPUT -o eth0 -p tcp -d pop.1and1.fr --dport 110

--sport $UNPRIVPORTS -m state --state NEW,ESTABLISHED,RELATED -jACCEPTiptables -A INPUT -i eth0 -p tcp -spop.mail.yahoo.co.uk --sport110 --dport $UNPRIVPORTS -m state --state ESTABLISHED,RELATED -jACCEPT

       iptables -A INPUT -i eth0 -p tcp -s pop.1and1.fr --sport 110
--dport $UNPRIVPORTS -m state --state ESTABLISHED,RELATED -j ACCEPT


and I would like to put them on only two lines. I glanced at the man
page but I have not found anything of interest.

Is that possible ?

Reply to:

References:
- iptables rules : two in one
  - From: franck <joncourt_franck@yahoo.co.uk>

Prev by Date: Re: iptables rules : two in one
Previous by thread: Re: iptables rules : two in one
Index(es):
- Date
- Thread