[NCLUG] Iptables - ip range
Jesse Courchaine
JCourcha at Colostate.Edu
Mon Nov 25 14:45:19 MST 2002
It would be nice if they had that built in.. but unfortunately that does
not work.
I think the only option now is have the multiple rules, I'm just not
sure if it will
cause a slowdown in my network connections.
Thanks,
Jesse
-----Original Message-----
From: nclug-admin at nclug.org [mailto:nclug-admin at nclug.org] On Behalf Of
Michael Dwyer
Sent: Monday, November 25, 2002 11:05 AM
To: nclug at nclug.org
Subject: Re: [NCLUG] Iptables - ip range
Jesse Courchaine wrote:
> Hi,
>
> If anyone is knowledgable in iptables, I have a question for you. I
> would
> like to select a range of IP addresses (i.e. 10.10.10.30 -
10.10.10.60,
> not a subnet)
> Ex.
> Iptables -A INPUT -S 10.10.10.30 -i eth0 -p tcp --dport 21 -j ACCEPT
> Iptables -A INPUT -S 10.10.10.31 -i eth0 -p tcp --dport 21 -j ACCEPT
> Iptables -A INPUT -S 10.10.10.32 -i eth0 -p tcp --dport 21 -j ACCEPT
I don't see it in the man page, but does a range specification work?
iptables -A INPUT -S 10.10.10.31:10.10.10.60 -i eth0 -p tcp --dport 21
-j ACCEPT
_______________________________________________
NCLUG mailing list NCLUG at nclug.org
To unsubscribe, subscribe, or modify your settings, go to:
http://www.nclug.org/mailman/listinfo/nclug
More information about the NCLUG
mailing list