On Wed, Jun 29, 2005 at 04:14:44PM -0500, jacob martinson wrote: > is it possible to specify a port range in ipfilter? i'm running > 3.4.32 on a solaris 8 machine, and none of the syntax i've seen > documented seems to work. > > i've tried: > > pass in quick on iface0 proto tcp from 1.2.3.4/32 to any port = 1000 - 1010 > pass in quick on iface0 proto tcp from 1.2.3.4/32 to any port = 1000 <> 1010 > pass in quick on iface0 proto tcp from 1.2.3.4/32 to any port = 1000 >< 1010 > > and they all give syntax errors when i try loading the config. >
You want: pass in quick on iface0 proto tcp from 1.2.3.4/32 to any port 999 >< 1011 It's important to remember that this expresses that everything *between* the 2 ports specified are counted. -- Mike Sawicki ([EMAIL PROTECTED])
