[CentOS] iptables question
Ned Slider
ned at unixmail.co.uk
Tue Aug 26 20:17:35 UTC 2008
Joseph L. Casale wrote:
>> My understanding is that --dport can only specify a single port (--dport
>> 80) or port range (--dport 137:139) inclusive. Use of the multiport
>> module allows up to 15 ports (or port ranges) to be specified.
>
> Ned,
> So to write --dport 5060,10000:60000 you need to write:
> -m multiport -p udp -dport 5060,10000:60000
> Correct?
>
> Thanks for the help!
> jlc
I've not used multiport so am unsure of the exact syntax, but that looks
reasonable.
I'd keep the -m multiport and --dports together though (also note it's
--dports, not -dport), so something like this:
iptables -A INPUT -p udp -m multiport --dports 5060,10000:60000 -j ACCEPT
would accept all UDP packets destined for ports 5060 and 10000-60000.
More information about the CentOS
mailing list