On Mon, 20 Oct 2003, Manac Dragos wrote:
> for F in 22 25 80 443 3535 5222 5223 6667 do ;
> $ipt -A SRV -p tcp -m tcp --dport $F --tcp-flags SYN,RST,ACK SYN -j
> ACCEPT
> done
Sau pe un kernel cu patchul mport din patch-o-matic si iptables
recompilat corespunzator ar putea scrie treaba asta intr-o singura
linie. De fapt ar merge chiar si cu multiport care vine default in
vanilla kernel.
iptables -A SRV -p tcp -m tcp -m multiport --dort \
22,25,80,443,3535,5222,5223,6667 --tcp-flags SYN,RST,ACK SYN -j ACCEPT \
&& echo sanatate
--
Any views or opinions presented within this e-mail are solely those of
the author and do not necessarily represent those of any company, unless
otherwise expressly stated.
---
Detalii despre listele noastre de mail: http://www.lug.ro/
