Am Don, 2003-08-14 um 08.46 schrieb Payal Rathod: > # iptables -A INPUT -p all -s 0/0 -d 192.168.0.10 --dport 21 -j ACCEPT > iptables v1.2.7a: Unknown arg `--dport' > Try `iptables -h' or 'iptables --help' for more information. > > and this, > > # iptables -A INPUT -s 0/0 -d 192.168.0.10 --dport 21 -j ACCEPT > iptables v1.2.7a: Unknown arg `--dport' > Try `iptables -h' or 'iptables --help' for more information. > --dport requires the definition of a protocol beforehand. It is only defined when the protocol is either udp or tcp. Omitting the protocol or using all does not work because icmp, esp, ah, etc. do not have a port. > # iptables -A INPUT -p tcp -s 0/0 -d 192.168.0.10 --dport 21 -j ACCEPT Like I said. Cheers, Ralf -- Ralf Spenneberg RHCE, RHCX Book: Intrusion Detection für Linux Server http://www.spenneberg.com IPsec-Howto http://www.ipsec-howto.org Honeynet Project Mirror: http://honeynet.spenneberg.org
