The multiport extension has a limit (15) for the ports that can be specified. But I need to specify many more port numbers in a single rule, so I tried to use several multiport in one rule like: iptables -A INPUT -p tcp -m multiport --destination-ports 59100 -m multiport --dest...
iptables -t filter -A INPUT -s 172.16.0.0/16 -p udp --dport 53 -j DROP
# filter table, INPUT chain: from the 172.16.0.0/16 network, UDP protocol, destination port 53, action DROP
Example 4: allow internal network users to send mail to each other
iptables -A PREROUTING -p tcp --dport 110 -j ACCEPT
iptables -A PREROUTING -p tcp --dport ...
iptables -t filter -A INPUT -s 192.168.0.0/24 -d 192.168.0.71 -p tcp --dport 22 -j ACCEPT
# filter table, INPUT chain: from the 192.168.0.0/24 network to host 192.168.0.71, TCP protocol, destination port 22, action ACCEPT
iptables -t filter -A OUTPUT -s 192.168.0.71 -d 192.168.0.0/24 -p tcp --sport 22 -j ACCEP...
$ iptables -A INPUT -p $protocol --dport $port -m connlimit --connlimit-above N --connlimit-mask M -j [REJECT --reject-with tcp-reset | DROP]
Since there are lots of options, let’s explain them one by one: -A INPUT: The -A option is for appending a rule to a specifi...
multiport: multi-port matching. Defines a match on multiple discrete ports; at most 15 ports can be specified. [!] --source-ports,--sports port[,port|,port:port]... matches source ports. Match if the source port is one of the given ports. The flag --sports is a convenient alias for this option. Multiple ports or...