Multiple IP-Addresses?
Antony Stone
Antony@Soft-Solutions.co.uk
Thu, 28 Jun 2001 16:21:49 +0100
On 28 Jun 01 at 16:51, Marc Hansen wrote:
> Hi,
> is it possible to set multiple IP-Addresses with the "-s"-option?
>
> The reason is, that I want to exclude some IP-Addreses from nat.
>
> My example
>
> -A PREROUTING -s ! 1.2.3.4,1.2.3.5,3.4.5.6.7 --dport 21 -j REDIRECT \
> --to-ports 10000
I think this sort of thing is only possible if the multiple addresses can be
expressed as a complete subnet:
eg for (part of) your example above
-A PREROUTING -s ! 1.2.3.4/30 --dport etc.......
would exclude the addresses 1.2.3.4, 1.2.3.5, 1.2.3.6 and 1.2.3.7
As far as I'm aware, you can't specify lists of either single addresses or
subnets - they'd have to be put into separate rules somehow.
Hope this helps,
Antony.