Re: iptables rules

For the sake of completeness :)

Peggy Kam wrote:
Hi,

I have defined the following firewall rule in iptables:

iptables -I FORWARD -s 192.168.22.102 -d 192.168.1.112 -p tcp -m tcp -m multiport --ports 22,23,24,25 -j ACCEPT

Why were the packets able to get to 192.168.1.112 on port 22 when the
packets do not even come from ports 22, 23, 24 or 25?

man iptables:

multiport

...

      --ports [!] port[,port[,port:port...]]
              Match if either the source or destination
              ports are equal to one
              of the given ports.

So, this is expected behavior, provided that there are no other rules
in the way.

HTH,

Joerg
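
The match semantics quoted from the man page above, as an added example that is not part of the original message or of netfilter's code: a small Python model of the multiport `--ports` option next to the module's `--sports` and `--dports` options. The `Packet` class, the function names and the sample packets are constructed for illustration.

```python
# Added illustration: a model of the multiport port options, not netfilter code.
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:          # hypothetical stand-in for a TCP packet's port pair
    sport: int
    dport: int

def parse_ports(spec):
    """Parse '[!] port[,port[,port:port...]]' into (invert, [(lo, hi), ...])."""
    spec = spec.strip()
    invert = spec.startswith("!")
    if invert:
        spec = spec[1:].strip()
    ranges = []
    for item in spec.split(","):
        lo, _, hi = item.partition(":")
        lo, hi = int(lo), int(hi or lo)
        if not 0 <= lo <= hi <= 65535:
            raise ValueError(f"bad port or range: {item!r}")
        ranges.append((lo, hi))
    return invert, ranges

def multiport_match(option, spec, pkt):
    """Return True if pkt satisfies '-m multiport <option> <spec>'."""
    invert, ranges = parse_ports(spec)
    def hit(port):
        return any(lo <= port <= hi for lo, hi in ranges)
    if option == "--sports":
        matched = hit(pkt.sport)
    elif option == "--dports":
        matched = hit(pkt.dport)
    elif option == "--ports":      # either side may match, as the man page says
        matched = hit(pkt.sport) or hit(pkt.dport)
    else:
        raise ValueError(f"unknown option: {option}")
    return matched != invert

# Constructed sample packets (source port, destination port).
SAMPLES = {
    "client -> port 22": Packet(40312, 22),
    "source port 25 -> port 8080": Packet(25, 8080),
    "unrelated ports": Packet(40312, 8080),
}

def verdicts(spec="22,23,24,25"):
    """Map each sample to the options whose match succeeds."""
    return {name: [o for o in ("--ports", "--sports", "--dports")
                   if multiport_match(o, spec, p)]
            for name, p in SAMPLES.items()}

if __name__ == "__main__":
    for name, opts in verdicts().items():
        print(f"{name:30} matched by: {', '.join(opts) or 'none'}")
```

A rule meant to accept only traffic to those destination ports would use `--dports` in place of `--ports`; `--sports` restricts the match to the source side.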


