Hi *,

John Leach wrote:
> Yeah, I just checked that and I was wrong, whoops. Thanks.
> The message I get trying to add your rule is:
> iptables v1.2.8: multiport can only have one option
> Try `iptables -h' or 'iptables --help' for more information.
> As it says, multiport can't have both --source-port and
> --destination-port in the same rule.
> I expect you'll need to drop multiport and just create 2 rules (as long
> as $EPHEMERAL_PORTS doesn't rely on the multiport functionality).

Why not use something like this?
iptables -A OUTPUT \
-s "$PUB_IP" -o "$PUB_IFACE" -p tcp \
-m tcp --sport 1024:65535 -m multiport --dports 443,4030 \
-m state --state NEW -j ACCEPT
It works for me...
J.C.
--
Jean Christophe ANDRÉ <[EMAIL PROTECTED]> http://www.vn.refer.org/
Regional technical coordinator / Technology associate, Reflets project
Agence universitaire de la Francophonie (AuF) / Bureau Asie-Pacifique (BAP)
Postal address: AUF, 21 Lê Thánh Tông, T.T. Hoàn Kiếm, Hà Nội, Việt Nam
Tel.: +84 4 9331108 Fax: +84 4 8247383 Mobile: +84 91 3248747
/ Personal note: please avoid sending me PowerPoint or \
\ Word files; see here: http://www.fsf.org/philosophy/no-word-attachments.fr.html /

