Specifying a port range with iptables?
Doug Lawlor
dlawlor at roadrunner.nf.net
Thu Apr 11 14:18:14 EDT 2002
Is it possible to specify a port range using iptables? If I present
iptables with the following line it gives me a statement something like:
iptables -A PREROUTING -t nat -p udp -d $MYIP --dport 2074 - 2076 -j DNAT --to 192.168.0.2:2074 - 2076
"Bad argument `-'
Try `iptables -h' or 'iptables --help' for more information. "
If I take out the spaces between the dashes:
iptables -A PREROUTING -t nat -p udp -d $MYIP --dport 2074-2076 -j DNAT --to 192.168.0.2:2074-2076
I get an invalid port specification or something to that effect.
Any help on this would be appreciated.
Doug
--
Doug Lawlor <dlawlor at roadrunner.nf.net>
#!/bin/bash
# Script: rc.firewall
# Created on: 17/02/2002
# Author: Doug Lawlor <dlawlor at roadrunner.nf.net
# Modified on: 11/04/2002
# Added code to get the ip from eth0 and
# put it into a variable for use in the port forwarding.
#simplified the port forwarding setup.
# Now uses two lines of scripting instead of 6
# Grab the IP address from eth0 using 'ifconfig'
# and put it into a variable.
MYIP=`ifconfig eth0 | sed '/.*addr:/!d;s///;s/ .*//'`
# Proform Address translation on all packets going out eth0
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# Open the following ports for Speak Freely
# Forward ports 2074-2076 to 192.168.0.2
# Forward ports 4074-4076 to 192.168.0.2
iptables -A PREROUTING -t nat -p udp -d $MYIP --dport 4074 - 4076 -j DNAT --to 192.168.0.2:4074 - 4076
# End rc.firewall
More information about the Speakup
mailing list