Re: creating one rule for both tcp and udp?


 



Hi David,

That still gives the same error. From the manpage, it seems that -p is needed if using --dport, am I wrong about this?

David Lang wrote:
just leave out the -p entirely

David Lang

--On Friday, August 25, 2006 01:59:40 PM -0400 Matt Singerman <msingerman@xxxxxxxxxx> wrote:

Hi all,

I was wondering, if I wanted to filter packets on a specific port, can I
write a single rule to work on both tcp and udp traffic, or will I have
to write one rule for each?

Suppose, for instance, that I want to allow TCP and UDP packets from any
host on port 548 to a machine with IP address 192.168.1.4, could I write
a rule like:

-A FORWARD -s 0/0 -d 141.161.111.203  -p all --dport 548 -j ACCEPT

(please note, I am just using port 548 as an example.)

Now, I know that this doesn't work, because I tried it :) I get back the
error:

iptables v1.3.5: Unknown arg `--dport'

I am guessing that is because "-p all" includes ICMP, which doesn't take
the --dport argument.  Am I wrong about that?

So, to do this, I would have to do two rules:

-A FORWARD -s 0/0 -d 141.161.111.203  -p tcp --dport 548 -j ACCEPT
-A FORWARD -s 0/0 -d 141.161.111.203  -p udp --dport 548 -j ACCEPT

Now, I would prefer not to do this, because in a lot of places, I would
have to add a whole lot of rules.  So, I ask, is there a way to combine
TCP and UDP into a single rule?

Thanks!
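Since `--dport` is a protocol-specific match (it needs `-p tcp` or `-p udp` to be loaded), the practical way to avoid hand-writing every pair is to generate both rules from one host/port entry. The script below is an added example, not code from the thread; it only prints rules in `iptables-restore` syntax and never invokes iptables, and the host/port list at the bottom is a constructed sample.

```shell
#!/bin/sh
# Added example: emit one ACCEPT rule per transport protocol for each
# host:port, because --dport requires a specific -p (tcp or udp).
# Output is in iptables-restore format; nothing here calls iptables.

# accept_tcp_udp DEST PORT -> prints a tcp rule and a udp rule for DEST:PORT
accept_tcp_udp() {
    dest=$1
    port=$2
    # Reject an empty or non-numeric port instead of emitting a bad rule.
    case $port in
        ''|*[!0-9]*) echo "accept_tcp_udp: bad port '$port'" >&2; return 1 ;;
    esac
    for proto in tcp udp; do
        printf '%s\n' "-A FORWARD -s 0/0 -d $dest -p $proto --dport $port -j ACCEPT"
    done
}

# render_ruleset reads "host port" lines from stdin and wraps the generated
# rules in a *filter block that iptables-restore understands.
render_ruleset() {
    echo '*filter'
    while read -r dest port; do
        [ -z "$dest" ] && continue
        accept_tcp_udp "$dest" "$port" || return 1
    done
    echo 'COMMIT'
}

# Constructed sample input (not a real configuration).
render_ruleset <<'EOF'
192.168.1.4 548
192.168.1.4 53
EOF
```

The output can be reviewed and then loaded with `iptables-restore -n` once it looks right.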






