Is it possible to specify a port range using iptables? If I present iptables with the following line it gives me a statement something like: iptables -A PREROUTING -t nat -p udp -d $MYIP --dport 2074 - 2076 -j DNAT --to 192.168.0.2:2074 - 2076 "Bad argument `-' Try `iptables -h' or 'iptables --help' for more information. " If I take out the spaces between the dashes: iptables -A PREROUTING -t nat -p udp -d $MYIP --dport 2074-2076 -j DNAT --to 192.168.0.2:2074-2076 I get an invalid port specification or something to that effect. Any help on this would be appreciated. Doug -- Doug Lawlor <dlawlor at roadrunner.nf.net> #!/bin/bash # Script: rc.firewall # Created on: 17/02/2002 # Author: Doug Lawlor <dlawlor at roadrunner.nf.net # Modified on: 11/04/2002 # Added code to get the ip from eth0 and # put it into a variable for use in the port forwarding. #simplified the port forwarding setup. # Now uses two lines of scripting instead of 6 # Grab the IP address from eth0 using 'ifconfig' # and put it into a variable. MYIP=`ifconfig eth0 | sed '/.*addr:/!d;s///;s/ .*//'` # Proform Address translation on all packets going out eth0 iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE # Open the following ports for Speak Freely # Forward ports 2074-2076 to 192.168.0.2 # Forward ports 4074-4076 to 192.168.0.2 iptables -A PREROUTING -t nat -p udp -d $MYIP --dport 4074 - 4076 -j DNAT --to 192.168.0.2:4074 - 4076 # End rc.firewall
