On Thu, 2004-05-06 at 08:58, wschroed@xxxxxxxxxxxxxxxx wrote:
>
> I am currently writing a mini how-to for a SANS paper

Always a good cause. ;-)

> Try `iptables -h' or 'iptables --help' for more information.
> but iptables -A INPUT -i eth0 -p tcp -s 192.168.0.1 --sport 5000 -d
> 192.168.0.22 --dport 56 -j ACCEPT works.

As it should.

> Now, according to the man page, the argument to -p can be tcp,udp,icmp,all
> or a number representing a protocol in /etc/protocols or a name from
> /etc/protocols. I have found that in reality iptables yields the same
> error above for anything except tcp,udp,icmp or their associated numbers.
> What have I missed -or- is the man page wrong?

Just to make sure I'm reading this correctly, you are trying to define port numbers for other protocols besides TCP and UDP? If so, I think your problem is that only TCP and UDP use port numbers. There is no comparable application with other transports (at least none that I'm aware of).

HTH,
Chris
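
The point made in the reply above, as an added example that is not part of the original message: a pre-flight check that flags rule lines combining `--sport`/`--dport` with a `-p` value other than tcp or udp before they are handed to iptables. The function name `check_rule` and the two `gre` rules are constructed for illustration, and the set of port-bearing protocols (tcp, udp, or their numbers 6 and 17) is an assumption taken from the reply.

```shell
#!/bin/sh
# Added example, not from the original thread.
# Assumption (from the reply): only tcp and udp, by name or by their
# /etc/protocols numbers 6 and 17, accept --sport/--dport.

# check_rule ARG...: return 0 if the port options agree with -p, 1 if not.
check_rule() {
    proto=""
    port_opt=""
    while [ $# -gt 0 ]; do
        case "$1" in
            -p|--protocol)
                # the protocol is the next word; lower-case it for comparison
                proto=$(printf '%s' "${2:-}" | tr 'A-Z' 'a-z')
                ;;
            --sport|--source-port|--dport|--destination-port)
                # remember the first port option for the message
                [ -n "$port_opt" ] || port_opt=$1
                ;;
        esac
        shift
    done
    [ -n "$port_opt" ] || return 0      # no port match: any protocol is fine
    case "$proto" in
        tcp|udp|6|17) return 0 ;;
        "") echo "$port_opt used without -p tcp or -p udp" >&2 ;;
        *)  echo "$port_opt used with -p $proto, which is not tcp or udp" >&2 ;;
    esac
    return 1
}

# Constructed sample rules (the arguments after "iptables"); the first is the
# working rule quoted in the thread, the other two are made up for illustration.
while IFS= read -r rule; do
    # unquoted on purpose: split the line into words the way the shell would
    if check_rule $rule 2>/dev/null; then
        echo "OK   $rule"
    else
        echo "BAD  $rule"
    fi
done <<'EOF'
-A INPUT -i eth0 -p tcp -s 192.168.0.1 --sport 5000 -d 192.168.0.22 --dport 56 -j ACCEPT
-A INPUT -i eth0 -p gre -s 192.168.0.1 --dport 56 -j ACCEPT
-A INPUT -i eth0 -p gre -s 192.168.0.1 -j ACCEPT
EOF
```

The check does not handle negated protocol matches (`! -p tcp`); those lines need manual review.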