<![CDATA[静怡家园]]>

<![CDATA[静怡家园]]> http://www.zhanghaijun.com/index.php zh-cn http://www.zhanghaijun.com/post// <![CDATA[iptables使用multiport 添加多个不连续端口]]> 碟舞飞扬 <webmaster@zhanghaijun.com> Mon, 16 May 2011 17:26:08 +0000 http://www.zhanghaijun.com/post//
iptables -A INPUT -p tcp -m multiport --dports 21:25,135:139 -j DROP
iptables -A INPUT -p tcp -m multiport --dports 110,80,25,445,1863,5222 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -m multiport --dports 22,80,443 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp -m multiport --sports 22,80,443 -m state --state ESTABLISHED -j ACCEPT

如果不使用multiport参数，只能是添加连续的端口。

如:
iptables -A INPUT -p tcp –dport 21:25 -j DROP

而不能写成21:25,135:139
Tags - iptables , multiport ]]> http://www.zhanghaijun.com/post//#blogcomment <![CDATA[[评论] iptables使用multiport 添加多个不连续端口]]> <user@domain.com> Thu, 01 Jan 1970 00:00:00 +0000 http://www.zhanghaijun.com/post//#blogcomment