Le mardi 12 juillet 2005 à 14:56 +0430, afshin lamei a écrit :
> "iptables -A INPUT -p tcp -m mport --ports 20:23,80 -j DROP " from
> patch-o-matic is perfect, but what is that: Source port or Destination
> port?
Sorry, but RTFM :)
$iptables --version
iptables v1.3.1
$ man iptables
[...]
mport
This module matches a set of source or destination ports. Up to
15 ports can be specified. It can only be used in conjunction
with -p tcp or -p udp.
--source-ports port[,port[,port...]]
Match if the source port is one of the given ports. The
flag --sports is a convenient alias for this option.
--destination-ports port[,port[,port...]]
Match if the destination port is one of the given ports.
The flag --dports is a convenient alias for this option.
--ports port[,port[,port...]]
Match if the both the source and destination ports are
equal to each other and to one of the given ports.
--
http://sid.rstack.org/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
>> Hi! I'm your friendly neighbourhood signature virus.
>> Copy me to your signature file and help me spread!
