iptables rules
Jörg Harmuth
harmuth at mnemon.de
Thu Sep 15 17:33:44 CEST 2005
For the sake of completeness :)
Peggy Kam wrote:
> Hi,
>
> I have defined the following firewall rule in iptables:
>
> iptables -I FORWARD -s 192.168.22.102 -d 192.168.1.112 -p tcp -m tcp -m
> multiport --ports 22,23,24,25 -j ACCEPT
>
> Why were the packets able to get to 192.168.1.112 on port 22 when the
> packets do not even come from ports 22,23,24 or 25?

man iptables:

   multiport
   ...
   --ports [!] port[,port[,port:port...]]
          Match if either the source or destination ports are
          equal to one of the given ports.

So, this is expected behavior, provided that there are no other rules
in the way.
HTH,
Joerg
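
An added illustration, not part of the original message and not netfilter code: a small Python model of the multiport match as the quoted man page describes it, run over constructed packets to show why the rule accepted traffic to port 22. The packet names and port numbers are assumptions; --sports and --dports are the multiport options that match only the source or only the destination port.

```python
# Model of the iptables "multiport" match semantics (illustration only).
# Negation ("!") is not modelled.

def parse_ports(spec):
    """Parse 'port[,port[,port:port...]]' into a list of (low, high) ranges."""
    ranges = []
    for item in spec.split(","):
        low, _, high = item.partition(":")
        ranges.append((int(low), int(high or low)))
    return ranges

def in_ranges(port, ranges):
    """True if port falls inside any (low, high) range."""
    return any(low <= port <= high for low, high in ranges)

def multiport_match(option, spec, sport, dport):
    """Return True if a packet with (sport, dport) matches the given option."""
    ranges = parse_ports(spec)
    if option == "--sports":      # source port only
        return in_ranges(sport, ranges)
    if option == "--dports":      # destination port only
        return in_ranges(dport, ranges)
    if option == "--ports":       # either source OR destination port
        return in_ranges(sport, ranges) or in_ranges(dport, ranges)
    raise ValueError("unknown option: " + option)

# Constructed sample packets: name -> (source port, destination port)
PACKETS = {
    "ssh_request": (40123, 22),   # ephemeral client port to port 22
    "from_port_25": (25, 8080),   # source port is in the list
    "web_request": (40124, 80),   # neither port is in the list
}

def accepted(option, spec="22,23,24,25"):
    """Names of the sample packets that the option would match."""
    return sorted(name for name, (sport, dport) in PACKETS.items()
                  if multiport_match(option, spec, sport, dport))

if __name__ == "__main__":
    for opt in ("--ports", "--sports", "--dports"):
        print(opt, accepted(opt))
```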