iptables\firewall rule

suseTOMA · March 10, 2011, 9:39pm

hey there everybody,

i’ve an issue in a firewall command i hope u help me on.

when i try to type the following firewall command:
iptables -A INPUT -s xxx.xxx.xxx.xxx -dport 8000:9000 -p tcp -j ACCEPT

it gives me:
Bad argument 8000:9000

it complaints about the port range and i cant see in problems in that.
i also tried to change the order of the options but it never worked.

one other thing,
why it don’t allow me to add -sport option in the above command?

thank u very much,

ab · March 10, 2011, 10:25pm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Wildly guessing based on iptables manpage:

–dport port:port]

Two dashes, not one.

Good luck.

On 03/10/2011 02:06 PM, suseTOMA wrote:
>
> hey there everybody,
>
> i’ve an issue in a firewall command i hope u help me on.
>
> when i try to type the following firewall command:
> iptables -A INPUT -s xxx.xxx.xxx.xxx -dport 8000:9000 -p tcp -j ACCEPT
>
> it gives me:
> Bad argument 8000:9000
>
> it complaints about the port range and i cant see in problems in that.
> i also tried to change the order of the options but it never worked.
>
> one other thing,
> why it don’t allow me to add -sport option in the above command?
>
> thank u very much,
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIbBAEBAgAGBQJNeUG0AAoJEF+XTK08PnB5HUYP+Kx5881VXRTsbZ2j3gS+sog1
kXHe0kBnKOrEDncJBgdUY0KCtLDpKSvQ5vDGRpAVy1v6FVRrxi99ogG83HLK6zbZ
zM0fOwYqD7ziaPLgp7krj573ypFaiQH/6DhsqCsM8uwkfU69nIJsEtVJzmGjqpiO
FTDSVWdqKAK5WVbspscOSW69yScoo/AM6q+SnM9z8Mq3Ks6IogNVvaScz5zsSkb6
1jwKps5X1nJQDgU/ZnZegwM0lsTpn32BsNHT0OLM3zrh+/XCFz3U1qnynYfmgITw
RNLEFLgCkHOxpke3ggyqzW17DTvweaesYqrpNYzJaqaz51C30S6eWR1ntvQAGnC7
Hyu7WctRcIurPZG+5JXocj0tBp+Wu095N25t/L/S29MQJmKnED2R/GZcTaDffVQh
n0vX2a5mYGt0Y4aCPQHWkj47cdEaowIfcbQQUahW9TpZZigYjXB4aa57mXQWx/tt
S3Dpysdzd82XVxlTZwNy+kXPznJBpEQ7RiTsuBMOATH4ej8H180HmZ2tfexDTKoj
9FmGqo4SDQHLEEIe4WXDFZb1qsDWv8JXHPgiN0LQlwiSZuf1CgawFJXCQJSMYLmt
PrwzXptuy0Rur9s5DYGrgJGsBMwhFQaOeoRlYse/xfB83Mdd5xC0L03k+7qG2yFs
AEXYFid8b4w5nY6li2E=
=y2zM
-----END PGP SIGNATURE-----

tsu2 · March 11, 2011, 8:20pm

Don’t modify IP Tables directly.
Open up YAST > Firewall and configure from there.

YAST will configure IP Tables for you, avoiding numerous possible errors.

HTH,
Tony