On Sat, 2005-04-02 at 21:50 -0800, tuxxer wrote: > On Wed, 2005-03-30 at 22:17 -0800, Rahul Sundaram wrote: > [BIIIIG Snip] > > > > > http://members.cox.net/tuxxer/iptables-fw-config.html > > > > it is possible to provide a port range here. More > > information is available in the redhat docs. > > redhat.com/docs. > > Where? I've looked in the RH documentation, the Security guide etc. > I've run a couple searches. I've tried all of the "standard" range > indicators (-:;,) .... > > I'll continue to google it, to see if I find anything, but if you have a > specific link, that would be great! I've read the Python code to the extent I'm able, and it *doesn't* appear to be possible. Colons are recognized as a token to separate ports and protocols, but other than that, only the first series of numerals up to any non-numeral will be used as a port designator. In other words, if you enter something like 9990-9999:tcp, no error gets thrown, but what iptables will get is "--port 9990:tcp". Of course the iptables command will take ranges, but not system-config-securitylevel. Rahul, from what source are you deriving this? -- Paul W. Frields, RHCE
