Hello,

I want to drop ALL connections on my internal NIC except: 20,21,80,443. Is this correct? (although not working)

    iptables -A INPUT -i eth1 -s 172.16.3.0/16 -p tcp -m multiport ! --destination-port 20,21,80,443 -j DROP #USERS

Which basically means: if source is in 172.16.3.0, then drop all except for HTTP, FTP, HTTPS. That's in order for that IP range to not be able to connect to instant messaging services such as MSN, AIM, Yahoo etc... while keeping other IP ranges able to use them.

Thanks

--
Sadus . <sadus@xxxxxxxxxxxx>
Swiftbin.net
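
An added example, not part of the original post: a small Python model of how the rule above is evaluated, showing which filter chain a packet traverses and which sources `-s 172.16.3.0/16` covers. The firewall address, the sample packets and the assumption that the users' traffic is routed through this box are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

ALLOWED_PORTS = {20, 21, 80, 443}   # ports from the rule in the post
LOCAL_ADDRS = {"172.16.0.1"}        # assumption: the firewall's own eth1 address

@dataclass
class Packet:
    src: str
    dst: str
    proto: str
    dport: int
    in_iface: str

def chain_for(pkt):
    """Filter chain seen by an incoming packet: INPUT only if it is
    addressed to the firewall itself, FORWARD if it is routed onward."""
    return "INPUT" if pkt.dst in LOCAL_ADDRS else "FORWARD"

def effective_source(spec):
    """iptables masks the address with the prefix length, so host bits
    in the -s argument are discarded (strict=False does the same)."""
    return ipaddress.ip_network(spec, strict=False)

def rule_matches(pkt, source="172.16.3.0/16"):
    """Match conditions of the posted rule, independent of chain."""
    return (pkt.in_iface == "eth1"
            and ipaddress.ip_address(pkt.src) in effective_source(source)
            and pkt.proto == "tcp"
            and pkt.dport not in ALLOWED_PORTS)   # '!' negates the port list

def verdict(pkt, rule_chain="INPUT", source="172.16.3.0/16"):
    """DROP only if the rule sits in the chain the packet traverses and
    matches; otherwise the packet falls through (policy assumed ACCEPT)."""
    if chain_for(pkt) == rule_chain and rule_matches(pkt, source):
        return "DROP"
    return "ACCEPT"

# Constructed sample packets (203.0.113.10 is a documentation address).
im_user = Packet("172.16.3.25", "203.0.113.10", "tcp", 1863, "eth1")   # MSN
web_user = Packet("172.16.3.25", "203.0.113.10", "tcp", 443, "eth1")
other_net = Packet("172.16.9.40", "203.0.113.10", "tcp", 1863, "eth1")

if __name__ == "__main__":
    print(effective_source("172.16.3.0/16"))             # whole 172.16.0.0/16
    print(verdict(im_user))                              # rule in INPUT
    print(verdict(im_user, rule_chain="FORWARD"))        # rule in FORWARD
    print(verdict(other_net, "FORWARD"))                 # /16 also covers 172.16.9.x
    print(verdict(other_net, "FORWARD", "172.16.3.0/24"))
```

In this model the routed IM connection is never seen by a rule in INPUT, and a /16 mask applies the restriction to every 172.16.x.x host rather than only 172.16.3.x.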