Open a range of ports with iptables

redhatdude at bellsouth.net
Mon May 29 15:59:55 UTC 2006


On May 29, 2006, at 4:00 AM, François Patte wrote:

> redhatdude at bellsouth.net a écrit :
>> Hi,
>> That didn't help much.
>> Thanks anyway Mr. Patte
>> Can anyone give me the complete command to open that range of ports in
>> the firewall?
>
> /sbin/iptables -A OUTPUT -o ppp0 -p tcp --dport 21 -m state --state
> NEW,ESTABLISHED -j ACCEPT
>
> /sbin/iptables -A INPUT -i ppp0 -p tcp  --sport 21 -m state --state
> ESTABLISHED -j ACCEPT
>
> /sbin/iptables -A OUTPUT -o ppp0 -p tcp --dport 20 -m state --state
> NEW,ESTABLISHED -j ACCEPT
>
> /sbin/iptables -A INPUT -i ppp0 -p tcp  --sport 20 -m state --state
> ESTABLISHED,RELATED -j ACCEPT
>
> /sbin/iptables -A OUTPUT -o ppp0 -p tcp --sport 1024:65535 --dport
> 1024:65535 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
>
> /sbin/iptables -A INPUT -i ppp0 -p tcp --sport 1024:65535 --dport
> 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT
>
> Each "double" line is in fact a single line.
>
> Here, the range is not the one you want, but you can modify.
>
> And, I insist, use man iptables to fit exactly what you want; my
> example is for my use, and this is perhaps not what you want (input
> connections are forbidden with these rules, only output and the answer
> of a remote server is allowed).


That did it. Thanks a lot.
I have no knowledge of iptables and I wasn't sure how to specify a
range of ports using the GUI in FC5.
Will (CodeHead), I used Google to try to find the answer before
posting here. Next time I'd appreciate a more helpful answer from
you. The purpose of this mailing list is to help those who are less
knowledgeable, not to lecture them.
Thanks for the help, guys.
EJ
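
Added example, not part of the original messages: a small shell helper that builds the same kind of outgoing/reply rule pair as the quoted rules for an arbitrary TCP port range, validating the range and interface name first. The function names and the sample range 6000:6010 are constructed for illustration; the script only prints the commands so they can be reviewed before being run as root.

```shell
#!/bin/sh
# Added example (hypothetical helper names): print the iptables rule pair
# that allows outgoing TCP connections to a port range and the replies to them.

# valid_port_range LO:HI -> succeeds only if 1 <= LO <= HI <= 65535
valid_port_range() {
    case "$1" in
        *:*:*|*[!0-9:]*) return 1 ;;   # more than one colon, or non-digits
        *:*) ;;                        # exactly one colon: keep checking
        *) return 1 ;;                 # a single port is not a range
    esac
    lo=${1%%:*}
    hi=${1##*:}
    [ -n "$lo" ] && [ -n "$hi" ] || return 1
    [ ${#lo} -le 5 ] && [ ${#hi} -le 5 ] || return 1
    [ "$lo" -ge 1 ] && [ "$hi" -le 65535 ] && [ "$lo" -le "$hi" ]
}

# emit_range_rules IFACE LO:HI -> prints two iptables commands
emit_range_rules() {
    iface=$1
    range=$2
    # Reject interface names that could smuggle shell syntax into the output.
    case "$iface" in
        ''|*[!A-Za-z0-9._+-]*) echo "invalid interface: $iface" >&2; return 1 ;;
    esac
    valid_port_range "$range" || { echo "invalid port range: $range" >&2; return 1; }
    # Outgoing: this host may open connections to the remote port range.
    echo "/sbin/iptables -A OUTPUT -o $iface -p tcp --dport $range -m state --state NEW,ESTABLISHED -j ACCEPT"
    # Incoming: only packets of already established connections are accepted,
    # so unsolicited inbound connections stay blocked, as in the quoted rules.
    echo "/sbin/iptables -A INPUT -i $iface -p tcp --sport $range -m state --state ESTABLISHED -j ACCEPT"
}

# Sample invocation with a constructed range on the ppp0 interface.
emit_range_rules ppp0 6000:6010
```

As with the quoted rules, this opens the range for outgoing connections only; check the result with `iptables -L -n -v` after applying.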



