On Tuesday 26 August 2008 16:17, Ned Slider wrote: > Joseph L. Casale wrote: > >> My understanding is that --dport can only specify a single port > >> (--dport 80) or port range (--dport 137:139) inclusive. Use of the > >> multiport module allows up to 15 ports (or port ranges) to be > >> specified. > > > > Ned, > > So to write --dport 5060,10000:60000 you need to write: > > -m multiport -p udp -dport 5060,10000:60000 > > Correct? > > > > Thanks for the help! > > jlc > > I've not used multiport so am unsure of the exact syntax, but that looks > reasonable. > > I'd keep the -m multiport and --dports together though (also note it's > --dports, not -dport), so something like this: > > iptables -A INPUT -p udp -m multiport --dports 5060,10000:60000 -j ACCEPT > > would accept all UDP packets destined for ports 5060 and 10000-60000. Some light reading on IPTABLES. :) http://iptables.rlworkman.net/chunkyhtml/index.html -- Regards Robert Smile... it increases your face value! Linux User #296285 http://counter.li.org