5

Setting iptables rule for all protcols for specific source and destination ports

view full story
linux-howto

http://serverfault.com – Is it possible to add a IPTABLES rule which allows all the protocols for specific source and destination ports? I tried the following but it didn't work. iptables -I FORWARD 1 -s 172.27.0.254/255.255.255.255 -d 0.0.0.0/0.0.0.0 -p 0 --sport 0:65535 --dport 1191:1191 -j ACCEPT iptables error: unknown option `--sport` Any comments are greatly appreciated. (HowTos)

xskl's picture
Submitted by xskl on 08/08/2012 – Made popular on 08/08/2012

Stories similar to Setting iptables rule for all protcols for specific source and destination ports

Iptables bash script 20 weeks 5 days ago

i'd like to basically drop all packets, but still allow port 22, 80 and 52533. ATM this firewall doesn't allow pinging, or for me to use yum update. How can I add that? Thanks for advice. Also is there an easier way to open port 80?

I've setup IPTables with the following script...

Mac OSX IPTables equivavlent 12 weeks 4 days ago

Just wondering how I would accomplish the following IPtables rules under Mac OSX:

iptables -A PREROUTING -t mangle -p udp --sport 7078 -J TOS --set-tos Maximize-Reliability iptables -A PREROUTING -t mangle -p udp --sport 7078 -J TOS --set-tos Maximize-Throughput iptables -A PREROUTING -t mangle -p udp --sport 7078 -J TOS --set-tos Mimimize-Delay

Also, with the source-port (sport), is that freel

I'm working on a debian server and when i add the following rules to forward a port to a lan address:

iptables -t nat -I PREROUTING -p tcp -d 192.168.1.1 --dport 3385 -j DNAT --to-destination 192.168.1.9:3389

iptables -I FORWARD -m state -d 192.168.1.2/10 --state NEW,RELATED,ESTABLISHED -j ACCEPT

i get the following with iptables -L:

Chain FORWARD (policy ACCEPT) target prot opt sourc

when trying to open the ports 110 and 25 in my iptables for outlook-only users, i cant do it except by forwarding as such:

-I FORWARD -i eth0 -s 192.168.1.0/24 -j ACCEPT -I FORWARD -i eth1 -d 192.168.1.0/24 -j ACCEPT

but doing so allows the rest of the users in my lan to bypass my squid proxy.

we currently have 2 old Linux servers running iptables that we're switching to a Cisco 2901 router. Since iptables and NAT on a Cisco device work differently, I'm not sure how to set up NAT on the Cisco device.

We have a rule in iptables that translates and forwards a packet based on its source and destination address.

I use a linux Centos 6.3 as an Internet gateway with NAT. I want to allow a specific host to have access to Internet, but not with IP address, because IP may change due to dhcp, and use a rule for a specific mac address.

I used the following but it does not work

iptables -t nat -A POSTROUTING -o $INTERNETDEVICE -j MASQUERADE iptables -A INPUT -i $INTERNETDEVICE -m state --state ESTABLISHED,RELA

Cant access website 2 years 22 weeks ago

Stop IPTABLES (service iptables stop) and try again, then if working, add port 80 to IPTABLES (cmdline:# iptables -A INPUT -p tcp ---dport 80 --sport 1024:65535 -j ACCEPT) I think this is th... [by hansolo]

I am trying to configure iptables for ubuntu 10.04 and I have a problem with iptables -L lagging on rows where the destination or source address is not localhost or anywhere.