(no subject)

Yogini Parkhi yparkhi@networkrobots.com
Thu, 9 Aug 2001 15:11:08 -0700


Hi,
There are some errors in the example command you list.
There is no INPUT chain in the nat table.

Is this what you want to do?
# accept 80,110,25
iptables -t filter -A FORWARD -p tcp -d 0/0 -m multiport --dports 80,110,25 -j ACCEPT
iptables -t filter -A FORWARD -p tcp -j DROP


These rules added in the same order will first accept the traffic at ports
80,110 and 25 and DROP all other tcp traffic.

If you want the same rules for traffic destined to the box running the firewall,
use the INPUT chain instead of FORWARD.

Hope this helps,
Yogini


-----Original Message-----
From: netfilter-admin@lists.samba.org
[mailto:netfilter-admin@lists.samba.org]On Behalf Of Greg Gerritsen
Sent: Thursday, August 09, 2001 2:48 PM
To: 'Netfilter (E-mail)
Subject: (no subject)

I was wondering if there was a way to list all the ports I would like to
reject.....

I'm having a problem listing more than one port at a time to reject.

IE.

iptables -t nat -A INPUT -p TCP -d 0/0 --dport ! 80,110,25 -j REJECT

or is there a better way to do this...

Such as set all packets to Reject then Accept them one at a time?

If I reject all ports is it possible to then accept them? or do I have to
accept the ports I want then Reject all of them?

Greg Gerritsen
Network Administrator
Ruffneck Heaters
B. Sc. (CIS), CCNA
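
The accept-then-drop ordering and the filter-table chain choice from the reply above, as an added example that is not part of the original thread: a POSIX shell function (`emit_allowlist`, a hypothetical name) that validates a port list and prints the rules for review instead of applying them. The 15-port limit check and the connection-state rule are additions assumed here, not something either poster wrote.

```shell
#!/bin/sh
# Added example: prints an allow-list ruleset for review; it does not apply it.
# Usage: emit_allowlist CHAIN PORTS   (e.g. emit_allowlist FORWARD 80,110,25)
emit_allowlist() {
    chain=$1
    ports=$2
    # Filtering belongs in the filter table: FORWARD for routed traffic,
    # INPUT for traffic addressed to the firewall box itself.
    case $chain in
        INPUT|FORWARD) ;;
        *) echo "chain must be INPUT or FORWARD" >&2; return 1 ;;
    esac
    # Plain port numbers separated by single commas only: rejects "! 80",
    # "80,,25", "80," and anything else that is not a digit or a comma.
    case $ports in
        ''|,*|*,|*,,*|*[!0-9,]*) echo "bad port list: '$ports'" >&2; return 1 ;;
    esac
    count=0
    old_ifs=$IFS
    IFS=,
    for p in $ports; do
        count=$((count + 1))
        # More than 5 digits can never be a valid port (guards overflow too).
        case $p in
            ??????*) IFS=$old_ifs; echo "bad port: $p" >&2; return 1 ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            IFS=$old_ifs; echo "port out of range: $p" >&2; return 1
        fi
    done
    IFS=$old_ifs
    # The multiport match accepts at most 15 ports in one rule.
    if [ "$count" -gt 15 ]; then
        echo "too many ports for one multiport rule: $count" >&2; return 1
    fi
    # Assumption (not in the thread): replies to accepted connections carry a
    # high destination port, so they are let through by connection state.
    echo "iptables -t filter -A $chain -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Order matters: the first matching rule wins, so ACCEPT precedes DROP.
    echo "iptables -t filter -A $chain -p tcp -m multiport --dports $ports -j ACCEPT"
    echo "iptables -t filter -A $chain -p tcp -j DROP"
}

emit_allowlist FORWARD 80,110,25
```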