mport or multiport?

Jan Engelhardt jengelh at
Tue Jul 12 14:48:12 CEST 2005

>       --ports port[,port[,port...]]
>              Match if the both the source and destination ports are
>              equal to each other and to one of the given ports.

There are few daemons which bind to the portnumber they are listening on.
BIND could be configured to use a fixed port (e.g. 53) as the source port, and 
thus would be a possible use for --ports, because most destination ports for 
dns are 53, _too_.

More information about the netfilter mailing list