On 09/09/2004 Jonas Meurer wrote:
> now i understand ;) i assume that using more than one -m options is ok
> at all, and now have in firehol.conf:
> 
> iptables -A INPUT  -i eth0 -m state --state NEW \
>               -m multiport --dports 210,215,220,225,230 \
>               -p tcp -d 62.75.128.98/31 -j ACCEPT
> iptables -A OUTPUT -o eth0 -m state --state ESTABLISHED,RELATED \
>               -m multiport --sports 210,215,220,225,230 \
>               -p tcp -s 62.75.128.98/31 -j ACCEPT

sorry, but this doesn't work. the -p tcp is needed by multiport so i
changed the rules to:
iptables -A INPUT  -i eth0 -m state --state NEW \
                -m multiport -p tcp --dports 210,215,220,225,230 \
                -d 62.75.128.98/31 -j ACCEPT

iptables -A OUTPUT -o eth0 -m state --state ESTABLISHED,RELATED \
                -m multiport -p tcp --sports 210,215,220,225,230 \
                -s 62.75.128.98/31 -j ACCEPT

everything's ok with these lines?

bye
 jonas
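
The following is an added example, not part of the original message: a small Python lint for iptables command lines of the kind posted above. It checks that `-p` appears before any multiport port option (the ordering the message found necessary), that `--state` names are spelled correctly, and that a port list stays within multiport's 15-port limit. The function names and the sample input are assumptions made for illustration.

```python
import shlex

# State names accepted by the iptables "state" match.
VALID_STATES = {"INVALID", "NEW", "ESTABLISHED", "RELATED", "UNTRACKED"}
PORT_OPTS = {"--dports", "--sports", "--ports",
             "--destination-ports", "--source-ports"}
MAX_PORTS = 15  # multiport limit; a range a:b counts as two ports

def lint_rule(rule):
    """Return a list of problems found in one iptables command line."""
    tok = shlex.split(rule)
    problems = []
    proto_at = next((i for i, t in enumerate(tok)
                     if t in ("-p", "--protocol")), None)
    for i, t in enumerate(tok[:-1]):
        arg = tok[i + 1]
        if t in PORT_OPTS:
            if proto_at is None:
                problems.append(f"{t} used without -p")
            elif proto_at > i:
                problems.append(f"-p must come before {t}")
            if len(arg.replace(":", ",").split(",")) > MAX_PORTS:
                problems.append(f"{t} lists more than {MAX_PORTS} ports")
        elif t == "--state":
            problems += [f"unknown state {s}" for s in arg.split(",")
                         if s not in VALID_STATES]
    return problems

def lint(text):
    """Lint every rule in text, joining backslash-continued lines first."""
    rules = [r for r in text.replace("\\\n", " ").splitlines() if r.strip()]
    return [lint_rule(r) for r in rules]

# Constructed sample modelled on the rules in the message above:
# rule 1 has -p after --dports, rule 2 has a misspelled state name.
SAMPLE = r"""
iptables -A INPUT -i eth0 -m state --state NEW \
    -m multiport --dports 210,215,220,225,230 \
    -p tcp -d 62.75.128.98/31 -j ACCEPT
iptables -A OUTPUT -o eth0 -m state --state ESTABLESHED,RELATED \
    -m multiport -p tcp --sports 210,215,220,225,230 \
    -s 62.75.128.98/31 -j ACCEPT
"""

if __name__ == "__main__":
    for n, problems in enumerate(lint(SAMPLE), 1):
        print(n, problems or "ok")
```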