> where come the output of the chains > > fw-new:~# iptables -L -n > Chain INPUT (policy ACCEPT) > target prot opt source destination > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 > ACCEPT all -- 192.168.100.1 0.0.0.0/0 > ACCEPT all -- 192.168.100.2 0.0.0.0/0 > ACCEPT all -- 192.168.100.3 0.0.0.0/0 > ACCEPT all -- 192.168.100.4 0.0.0.0/0 > ACCEPT all -- 192.168.100.5 0.0.0.0/0 > ACCEPT all -- 192.168.100.6 0.0.0.0/0 > ACCEPT all -- 192.168.100.7 0.0.0.0/0 > ACCEPT all -- 192.168.100.8 0.0.0.0/0 > ACCEPT all -- 192.168.100.9 0.0.0.0/0 Uh you could merge those. > ACCEPT tcp -- 192.168.100.0/24 0.0.0.0/0 tcp dpt:22 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 > ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:80 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 > ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:25 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 > ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:110 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 > ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:143 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 > ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53 You can also merge this using -m dport Jan Engelhardt -- | Gesellschaft fuer Wissenschaftliche Datenverarbeitung Goettingen, | Am Fassberg, 37077 Goettingen, www.gwdg.de
