iptables with multiport problem
Jason Opperisano
opie at 817west.com
Tue Oct 5 20:31:26 CEST 2004
On Tue, 2004-10-05 at 08:47, bruce wrote:
> Hi all,
>
> I am working with linux firewall implementation
>
>
> I am using iptables version v1.2.11 and linux kernel 2.4.27.
> If multiport option comes with iptables (iptable rules are below), the
> services are not working. But individual services are working properly.
> The following filtering rules are not giving any syntactical errors.
> I checked logs no info..
>
> #/sbin/iptables -A FORWARD -i eth0 -o eth1 -p tcp -s 192.168.2.0/24 -m
> multiport --dport 24,80 -m multiport --sport 0:65535 -d 192.168.1.2 -j
> ACCEPT

try:

  iptables -A FORWARD -i eth0 -o eth1 -p tcp -s 192.168.2.0/24 \
    -m multiport --dports 24,80 -d 192.168.1.2 -j ACCEPT
                        ^
                        |- multiport uses "--dports" with an 's'

and what on earth is TCP port 24? should that be a 25, perhaps?
and "-m multiport" does not support byte ranges (21:23), use mport for
that, or a regular port match.
-j
--
Jason Opperisano <opie at 817west.com>
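
The two mistakes pointed out in the reply above can be checked mechanically before a rule is loaded. The following is an added example, not part of the original message and not part of iptables: `lint_multiport` and its `singular:`/`range:` output labels are hypothetical names, and the check assumes the multiport match behaves as described in this thread.

```shell
#!/bin/sh
# Added example (hypothetical helper, not shipped with iptables).
# Pass an iptables rule as separate words; one finding is printed per line:
#   singular:<opt>  "-m multiport" followed by --dport/--sport (no 's')
#   range:<list>    a port range (a:b) given to multiport, which the reply
#                   says this iptables version does not support
lint_multiport() {
    prev=""        # previous word, used to spot "-m multiport"
    in_mp=0        # 1 while the options being read follow "-m multiport"
    want_list=0    # 1 when the next word is a port list
    for word in "$@"; do
        if [ "$want_list" -eq 1 ]; then
            want_list=0
            case $word in
                *:*) echo "range:$word" ;;
            esac
        elif [ "$prev" = "-m" ]; then
            if [ "$word" = "multiport" ]; then in_mp=1; else in_mp=0; fi
        elif [ "$in_mp" -eq 1 ]; then
            case $word in
                --dport|--sport)
                    echo "singular:$word"
                    want_list=1 ;;
                --dports|--sports|--ports|--destination-ports|--source-ports)
                    want_list=1 ;;
            esac
        fi
        prev=$word
    done
}

# The rule from the original question, checked as posted.
lint_multiport -A FORWARD -i eth0 -o eth1 -p tcp -s 192.168.2.0/24 \
    -m multiport --dport 24,80 -m multiport --sport 0:65535 \
    -d 192.168.1.2 -j ACCEPT
```

The corrected rule from the reply produces no findings.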