Open multiple ports. [Archive]

Click to See Complete Forum and Search --> : Open multiple ports.

yogee

07-08-2001, 12:44 PM

Can you open 40 ports in one line?

#-A input -s 0/0 -d 0/0 32766 -p udp -j ACCEPT
#-A input -s 0/0 -d 0/0 32767 -p udp -j ACCEPT

Like this?
#-A input -s 0/0 -d 0/0 32766 32809 -p udp -j ACCEPT

This what i realy need to do according to the game server details! Have no idea where or how to open and forward them though.

#ipfwadm -F -a accept -m -S 192.168.0.4/255.255.255.0 -D 0.0.0.0/0
#ipautofw -A -r udp 32766 32809 -h 192.168.0.4 -v -u

binary_boy

07-11-2001, 03:36 PM

To specify multiple ports in one line, I believe something like the following will work:

#iptables -A INPUT -i (external interface) -p udp --dport 32767:32809 -j ACCEPT

yogee

07-11-2001, 10:15 PM

Nope, failed to start ipchains.

binary_boy

07-12-2001, 01:58 PM

Ahh, didn't realize you were using ipchains. I don't know much about ipchains. I use iptables myself.

However I would think the logic of specifying multiple ports should be the same. simply insert the first port into your chain followed by a colon ( : ), then followed by the last port you want. That should cover the range of ports.

As for ipchains syntax, can't help you there.

[ 12 July 2001: Message edited by: binary_boy ]

yogee

07-12-2001, 03:31 PM

Oh gez, i didnt realize till just now that says tables. How blind. Anywayz, i do have tables in the system but not booting with it. I know i can boot both but in what order if i add that to iptables? Here is my curent chains.

# Firewall configuration written by lokkit
# Manual customization of this file is not recommended.
# Note: ifup-post will punch the current nameservers through the
# firewall; such entries will *not* be listed here.
:input ACCEPT
:forward ACCEPT
-P forward DENY
-A forward -i eth0 -s 192.168.0.0/255.255.255.0 -j MASQ
:output ACCEPT
-A input -s 0/0 -d 0/0 25 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 80 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 21 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 22 -p tcp -y -j ACCEPT
-A input -s 0/0 67:68 -d 0/0 67:68 -p udp -i eth0 -j ACCEPT
-A input -s 0/0 67:68 -d 0/0 67:68 -p udp -i eth1 -j ACCEPT
-A input -s 0/0 -d 0/0 -i lo -j ACCEPT
-A input -s 0/0 -d 0/0 -i eth0 -j ACCEPT
-A input -s 0/0 -d 0/0 -i eth1 -j ACCEPT
-A input -p tcp -s 0/0 -d 0/0 0:1023 -y -j REJECT
-A input -p tcp -s 0/0 -d 0/0 2049 -y -j REJECT
-A input -p udp -s 0/0 -d 0/0 0:1023 -j REJECT
-A input -p udp -s 0/0 -d 0/0 2049 -j REJECT
-A input -p tcp -s 0/0 -d 0/0 6000:6009 -y -j REJECT
-A input -p tcp -s 0/0 -d 0/0 7100 -y -j REJECT

[ 12 July 2001: Message edited by: yogee ]

binary_boy

07-12-2001, 11:32 PM

Seems like you could just drop it at the end, since it doesn't look like any of the other chains would drop or reject packets directed at those ports.

Just put at the end:

#-A input -s 0/0 -d 0/0 32766:32809 -p udp -j ACCEPT