Frank.Mayer@xxxxxxxxxxxxxxxxx wrote:
Hello,
I'd like to use two ipsets in a single iptables rule similar to
iptables -A FORWARD -p tcp -m tcp --dport ssh -m set --set clients src -m
set --set servers dst -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A FORWARD -p tcp -m tcp --sport ssh -m set --set servers src -m
set --set clients dst -m state --state ESTABLISHED -j ACCEPT
Have you tried without -m tcp? I think that -m tcp is wrong here.
Can anyone tell me if that's just a syntax error or if this is entirely
impossible?
(Kernel 2.4.32, iptables 1.3.4, ipset 2.2.7)
Thanks in Advance,
Frank Mayer
UNIX Systemadministration
----------------------------------------------------
KNAPP Systemintegration GmbH
Waltenbachstrasse 9
8700 Leoben, Austria
----------------------------------------------------
Phone: +43 3842 805-921
Fax: +43 3842 82930-921
frank.mayer@xxxxxxxxxxxxxxxxx
www.knapp.com
--
Ако не отговарям на писмата Ви - погледнете тук: http://6lyokavitza.org/mail
