Defining ip range in a rule
Hardik Dalwadi
hardik at deeproot.co.in
Mon Mar 20 12:49:34 CET 2006
Hi McDouglas,
On Monday 20 March 2006 04:52 PM, McDouglas wrote:
> Hi,
>
> I'd like to ask how to define an ip address range in a rule. I don't
> mean using subnet mask but rather for example making a rule which will
> block port 110 for the 10.10.2.50-10.10.2.150 ip range.
If your kernel is compiled with CONFIG_IP_NF_MATCH_IPRANGE=y
then check below Example.
iptables -I PREROUTING -t nat -m iprange --src-range
^^^^^^^^^^^^^^^^^^^^^^
10.10.2.50-10.10.2.150 -p tcp --dport 80 -j DNAT --to
^^^^^^^^^^^^^^^^^^^^^^^^^
10.10.2.1:3128
Hardik Dalwadi.
More information about the netfilter
mailing list