>My understanding is that --dport can only specify a single port (--dport >80) or port range (--dport 137:139) inclusive. Use of the multiport >module allows up to 15 ports (or port ranges) to be specified. Ned, So to write --dport 5060,10000:60000 you need to write: -m multiport -p udp -dport 5060,10000:60000 Correct? Thanks for the help! jlc