As it turned out there was a hidden character in one of my logging rules
which was totally messing with my head :-)

Thanks,
Ted

On Wed, 2003-10-15 at 02:27, Joel Newkirk wrote:
> On Tue, 2003-10-14 at 23:10, Ted Kaczmarek wrote:
> > Digging around the only thing I found was a patch-o-matic that allowed
> > for doing a range of 15 ports.
> >
> > I see many references with dnat and snat, but nothing besides the patch
> > for input or forward chains.
> >
> > If anyone has a link or info that can steer me in the right
> > direction the beers are on me at the Javits Center Linux show.
> >
> > Thanks,
> > Ted
>
> Do you mean something like specifying tcp port 135 through 139 in a
> single rule?
>
> iptables -A INPUT -i $EXTIF -p tcp --dport 135:139 -j DROP
>
> If you mean non-contiguous ports, you're looking at multiport:
>
> iptables -A INPUT -p tcp -m multiport --dports 21,25,80,110,143,443 -j ACCEPT
>
> Multiport is limited to 15 ports per rule.
>
> j
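
Added example, not part of the original thread: one way to work within the 15-ports-per-rule multiport limit mentioned above is to split a longer port list into several rules. The names `gen_multiport_rules` and `MAX_PORTS` are hypothetical, and the function only prints the rules rather than applying them.

```shell
#!/bin/sh
MAX_PORTS=15   # per-rule multiport limit stated in the thread

# gen_multiport_rules CHAIN PROTO TARGET PORTS
# PORTS is a comma-separated list of single ports, e.g. "21,25,80".
# CHAIN, PROTO and TARGET are assumed to come from the script author, not
# from untrusted input. Prints one rule per batch of up to MAX_PORTS ports;
# on bad input prints nothing to stdout and returns 1, so a typo never
# yields a half-built rule set.
gen_multiport_rules() {
    chain=$1; proto=$2; target=$3; ports=$4
    # Only digits and commas may reach the word splitting below.
    case $ports in
        ''|*[!0-9,]*) echo "bad port list: $ports" >&2; return 1 ;;
    esac
    rules=''; batch=''; count=0
    old_ifs=$IFS; IFS=,
    set -- $ports
    IFS=$old_ifs
    for p in "$@"; do
        # Reject empty fields (",,") and numbers with six or more digits.
        case $p in
            ''|??????*) echo "bad port: '$p'" >&2; return 1 ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            echo "port out of range: $p" >&2; return 1
        fi
        batch=${batch:+$batch,}$p
        count=$((count + 1))
        if [ "$count" -eq "$MAX_PORTS" ]; then
            # Batch is full: close this rule and start the next one.
            rules="${rules}iptables -A $chain -p $proto -m multiport --dports $batch -j $target
"
            batch=''; count=0
        fi
    done
    if [ "$count" -gt 0 ]; then
        rules="${rules}iptables -A $chain -p $proto -m multiport --dports $batch -j $target
"
    fi
    printf '%s' "$rules"
}
```

Review the printed rules before loading them, for example by redirecting the output to a file that is then run as root.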