On Tue, 24 Jun 2003, John Leach wrote:

> You missed a \ on the 3rd line. This is the reason for the "-m: command
> not found" message.

Yeah, somehow that got lost when I composed the message. It was/is in the script itself though.

> After experimenting a bit, I'm now thinking this might be a bug.
> Firstly though, multiport won't allow you to specify source and
> destination ports in the same rule. Only one or the other. They are
> mutually exclusive.
>
> On top of that, it doesn't seem to like being given ranges (such as
> 1024:65535). As I say, I think this is either a bug or just a
> limitation of the multiport code (or I'm doing something silly). Either
> way, even if it was working ok, you shouldn't be able to specify both
> source and destination ports when using multiport.
>
> The following example works fine, but you'll need to repeat the whole
> thing for all destination ports (80,8080,8888) as you can only specify
> one at a time (as we can't use multiport and ranges).

With a good hint from another person on the list (he just beat you to it }:-) I have found a way to have my cake and eat it too. See my reply to Jean Christophe for the exact code I use to make it work.

Now that I have a complete and well-commented script (lots of features like bogonfiltering and blacklists) I guess I should make it publicly available so others can benefit from it too. I'll write a short HTML page explaining its installation/use and put it on the web.

Thanks for helping me to iron out the last wrinkles.

Grx HdV

