On Thu, 16 Jun 2005, Sadus . wrote:

> Hello I want to drop ALL connections on my internal NIC except:
> 20,21,80,443
> is this correct? (although not working)
>
>
> iptables -A INPUT -i eth1 -s 172.16.3.0/16 -p tcp -m multiport !
> --destination-port 20,21,80,443 -j DROP #USERS

iptables -P INPUT DROP
iptables -A INPUT -i eth1 -s 172.16.3.0/16 -p tcp -m multiport \
    --destination-port 20,21,80,443 -j ACCEPT

Which does what your English description says.. drops all by default, but
allows ports 20, 21, 80, 443 to your 172.16.3.0/16 network, over eth1.

Carl

-- 
"There are 10 types of people in the world: Those who understand binary
and those that don't."
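
The default-drop approach from the reply above, as an added example that is not part of the original thread: a small generator that validates the port list and prints the ruleset in iptables-restore format. The function names, the loopback and ESTABLISHED,RELATED rules, and the FORWARD/OUTPUT policies are assumptions of this example, not something the posts specify.

```shell
#!/bin/sh
# Constructed example, not from the original post: print an iptables-restore
# ruleset for "INPUT policy DROP, accept listed TCP ports from one network".

# valid_ports LIST: succeed only for 1 to 15 comma-separated ports in 1..65535
# (the multiport match takes at most 15 ports per rule).
valid_ports() {
    case "$1" in ''|*[!0-9,]*|,*|*,|*,,*) return 1 ;; esac
    count=0 bad=0 old_ifs=$IFS
    IFS=,
    for p in $1; do
        count=$((count + 1))
        # Length check first so huge numbers never reach the integer test.
        case "$p" in ??????*) bad=1; continue ;; esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then bad=1; fi
    done
    IFS=$old_ifs
    [ "$bad" -eq 0 ] && [ "$count" -le 15 ]
}

# build_ruleset IFACE SRC_NET PORTS: print the ruleset on stdout.
# Assumptions added here: loopback and reply traffic are accepted so the
# host's own connections keep working under the DROP policy; FORWARD and
# OUTPUT stay at ACCEPT. Loading this replaces the whole filter table.
build_ruleset() {
    iface=$1 net=$2 ports=$3
    valid_ports "$ports" || { echo "bad port list: $ports" >&2; return 1; }
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $iface -s $net -p tcp -m multiport --dports $ports -j ACCEPT
COMMIT
EOF
}

# Values from the thread. Pipe the output into "iptables-restore --test"
# to have it parsed without being committed.
build_ruleset eth1 172.16.3.0/16 20,21,80,443
```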