Pario TechnoBlob
msgbartop
A cronological documentation test project, nothing serious, really!
msgbarbottom

27 May 08 Some iptables tricks

Posted by Hans-Henry Jakobsen

Multiport

The Multiport extension allows you to specify multiple ports and ranges and makes it possible to create complex rules in one line. Here’s an example of how you can allow SSH, Web, IMAP and X terminal traffic 

iptables -A INPUT -p tcp -m multiport --dports 22,80,143,6000:6003 -j ACCEPT

The alternative to using this rule would be

iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 143 -j ACCEPT
iptables -A INPUT -p tcp --dport 6000:6003 -j ACCEPT

The multiport directive saves you a lot of lines to maintain and requires less system processing.

Tags: ,

Filed in Linux, Network
«
»

Leave a Comment

You must be logged in to post a comment.

sidebartop

Tags

Apache apt-get awk backup basename bash CentOS convert csv Database dd Debian egrep Etch EXIF Fedora find Gentoo grep howto html imagemagick iptables iso jhead JPG mount MySQL mysqldump Nikon nmap perl PHP Postfix RedHat rhel5 rpm sed SMTP sort ssh Ubuntu vim xargs Zimbra
sidebarbottom
sidebartop

Categories

sidebarbottom
sidebartop

Recent Comments

sidebarbottom
sidebartop

Meta

sidebarbottom
© Pario TechnoBlob / Design: Smashing Wordpress Themes