
Re: Open a range of ports with iptables




On May 29, 2006, at 4:00 AM, François Patte wrote:

redhatdude bellsouth net wrote:
Hi,
That didn't help much.
Thanks anyway Mr. Patte
Can anyone give me the complete command to open that range of ports in
the firewall?

/sbin/iptables -A OUTPUT -o ppp0 -p tcp --dport 21 -m state --state
NEW,ESTABLISHED -j ACCEPT

/sbin/iptables -A INPUT -i ppp0 -p tcp  --sport 21 -m state --state
ESTABLISHED -j ACCEPT

/sbin/iptables -A OUTPUT -o ppp0 -p tcp --dport 20 -m state --state
NEW,ESTABLISHED -j ACCEPT

/sbin/iptables -A INPUT -i ppp0 -p tcp  --sport 20 -m state --state
ESTABLISHED,RELATED -j ACCEPT

/sbin/iptables -A OUTPUT -o ppp0 -p tcp --sport 1024:65535 --dport
1024:65535 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

/sbin/iptables -A INPUT -i ppp0 -p tcp --sport 1024:65535 --dport
1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT

Each "double" line is in fact a single line.

Here, the range is not the one you want, but you can modify it.

And, I insist, use man iptables to fit exactly what you want. My
example is for my use; this is perhaps not what you want (input
connections are forbidden with these rules; only output and the answer
of a remote server are allowed).


That did it. Thanks a lot.
I have no knowledge of iptables and I wasn't sure how to specify a range of ports using the GUI in FC5. Will (CodeHead), I used Google to try to find the answer before posting here. Next time I'd appreciate a more helpful answer from you. The purpose of this mailing list is to help those who are less knowledgeable, not to lecture them.
Thanks for the help guys.
EJ
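
The rules quoted in this message allow only outbound connections and their replies. As an added example (not part of the thread), the script below prints, without applying, the inbound counterpart for a port range, using the same `--dport low:high` and `-m state` syntax. The function names and the 5000:5010 range are constructed for illustration; `ppp0` is the interface used in the post.

```shell
#!/bin/sh
# Added example: print (do not apply) a stateful rule pair that accepts
# INBOUND connections on a port range. Names and sample range are constructed.

# valid_port N: succeeds if N is a decimal integer in 1..65535
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# inbound_range_rules IFACE PROTO LOW HIGH
# Prints two iptables commands; returns 1 and prints nothing on bad input.
inbound_range_rules() {
    iface=$1 proto=$2 low=$3 high=$4
    # Reject anything that is not a plain interface name, so the printed
    # commands are safe to review and paste into a root shell.
    case "$iface" in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface name" >&2; return 1 ;;
    esac
    case "$proto" in
        tcp|udp) ;;
        *) echo "protocol must be tcp or udp" >&2; return 1 ;;
    esac
    if ! valid_port "$low" || ! valid_port "$high"; then
        echo "ports must be integers in 1..65535" >&2; return 1
    fi
    if [ "$low" -gt "$high" ]; then
        echo "range is reversed: $low:$high" >&2; return 1
    fi
    # New connections may arrive only on the listed destination ports.
    echo "/sbin/iptables -A INPUT -i $iface -p $proto --dport $low:$high -m state --state NEW,ESTABLISHED -j ACCEPT"
    # Replies leave from those same ports, and only for established flows.
    echo "/sbin/iptables -A OUTPUT -o $iface -p $proto --sport $low:$high -m state --state ESTABLISHED -j ACCEPT"
}

# Constructed sample: TCP ports 5000-5010 on ppp0.
inbound_range_rules ppp0 tcp 5000 5010
```

Review the two printed lines before running them as root, and keep the range as narrow as the service needs.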

