[NCLUG] Iptables - ip range
Michael Dwyer
mdwyer at sixthdimension.com
Mon Nov 25 11:04:54 MST 2002
Jesse Courchaine wrote:
> Hi,
>
> If anyone is knowledgable in iptables, I have a question for you. I
> would
> like to select a range of IP addresses (i.e. 10.10.10.30 - 10.10.10.60,
> not a subnet)
> Ex.
> Iptables -A INPUT -S 10.10.10.30 -i eth0 -p tcp --dport 21 -j ACCEPT
> Iptables -A INPUT -S 10.10.10.31 -i eth0 -p tcp --dport 21 -j ACCEPT
> Iptables -A INPUT -S 10.10.10.32 -i eth0 -p tcp --dport 21 -j ACCEPT
I don't see it in the man page, but does a range specification work?
iptables -A INPUT -S 10.10.10.31:10.10.10.60 -i eth0 -p tcp --dport 21
-j ACCEPT
More information about the NCLUG
mailing list