Re: [LARTC] how can i filter for a range of ports?

Linux Advanced Routing and Traffic Control


On Wednesday 16 April 2003 13:14, Mattias Ahnberg wrote:
> >> "AS" == Adam Schrader <schrader2k2@xxxxxxxxx> writes:
>
> AS> How can I filter for a range of ports? I have seen people use
> AS> 1024:32000 when saying from port 1024 to 32000, but tc doesn't
> AS> accept this? Can somebody tell me how I can do this? -thanks
>
> iptables -A INPUT -p tcp --dport 1024:65535 -j ACCEPT
>
> Should do what you want. iptables is very limited in defining ranges,
> multiple hosts and similar ranges compared to ipfw2. I hope this will
> change sometime in the future since it would highly simplify the
> definitions of large rulesets.
There is an iptables patch to do this:
http://www.netfilter.org/documentation/pomlist/pom-base.html#mport

Example:
iptables -A FORWARD -p tcp -m mport --ports 23:42,65

Stef

-- 

stef.coene@xxxxxxxxx
 "Using Linux as bandwidth manager"
     http://www.docum.org/
     #lartc @ irc.oftc.net


