Find the answer to your Linux question:
Results 1 to 9 of 9
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    How to block multiple ports in iptables, ipset?


    Hello,

    on CentOS 6, iptables 1.4.7

    i can use rule to block IPs in my IPSet from accessing one port, example SSH:

    Code:
    -A INPUT -p tcp --dport 22 -m set --match-set blocklist src -j DROP
    (note that this is not iptables command but a line from a save file "iptalbes-save > output")

    But how to block multiple ports, example 21,22,25 ?

    I tried --dports 21,22,25, but iptables not wanted to import it saying: iptables-restore v1.4.7: unknown option `--dports'

  2. #2
    Just Joined!
    Join Date
    Dec 2014
    Location
    Sosnowiec, Poland
    Posts
    67
    Try to combine with this option:
    Code:
    --match multiport --dports X,Y,Z

  3. #3
    Quote Originally Posted by postcd View Post
    Hello,
    on CentOS 6, iptables 1.4.7 i can use rule to block IPs in my IPSet from accessing one port, example SSH:
    Code:
    -A INPUT -p tcp --dport 22 -m set --match-set blocklist src -j DROP
    (note that this is not iptables command but a line from a save file "iptalbes-save > output") But how to block multiple ports, example 21,22,25 ? I tried --dports 21,22,25, but iptables not wanted to import it saying: iptables-restore v1.4.7: unknown option `--dports'
    did you try looking at any of the 43 other threads you have open here asking about iptables that go back for YEARS to see if you could MAYBE, perhaps...one day....even TRY TO FIGURE SOMETHING OUT ON YOUR OWN. and for anyone who wants to see just go to the advanced search here and put iptables into keywords and postcd into username. 43....going back 5 yrs.

    after so many years you keep asking for single things that you should be able to do on your own if you spent 5 minutes thinking or reading the docs. or looking up examples. or putting something into google. but you dont and keep asking for handouts. and the program is even telling you that you have a syntax error in how you specify dports cant you look up the correct syntax?

    or do you want someone somehwere else to hold your hand again and tell you 'press these keys down in this order and your problem will be fixed. dont worry snowflake you dont have to think or work today!"??

  4. $spacer_open
    $spacer_close
  5. #4
    Super Moderator Roxoff's Avatar
    Join Date
    Aug 2005
    Location
    Nottingham, England
    Posts
    4,087
    Come on guys, rein it in.

    @postcd, please remember that people here are volunteering their time to help. Have some respect for their time and at least research a fix yourself before posting, you'll learn more about the OS tools by doing that.
    @habit, please remember this should be a friendly, welcoming place.
    Linux user #126863 - see http://linuxcounter.net/

  6. #5
    Quote Originally Posted by Roxoff View Post
    Come on guys, rein it in.

    @postcd, please remember that people here are volunteering their time to help. Have some respect for their time and at least research a fix yourself before posting, you'll learn more about the OS tools by doing that.
    @habit, please remember this should be a friendly, welcoming place.
    yea but people have been asking him to show his own effort for YEARS and not only here. he never does or will apparently. every nasty pm anyone has ever gotten from him is always about how he doesnt care and just wants to be 'highly ontopic" (meaning: he wants the exact command not to learn to do it himself). does it constantly and always has. look at his posting history and not just for this topic. look on any other site where hes registered.

  7. #6
    Linux User
    Join Date
    Dec 2017
    Location
    Argentina
    Posts
    271
    Quote Originally Posted by habit View Post
    yea but people have been asking him to show his own effort for YEARS and not only here. he never does or will apparently. every nasty pm anyone has ever gotten from him is always about how he doesnt care and just wants to be 'highly ontopic" (meaning: he wants the exact command not to learn to do it himself). does it constantly and always has. look at his posting history and not just for this topic. look on any other site where hes registered.
    Why do you care..? If he doesn't want to learn, let him. Or are you his mother?

    Sent from my Moto G Play using Tapatalk

  8. #7
    Quote Originally Posted by CarterCox View Post
    Why do you care..? If he doesn't want to learn, let him. Or are you his mother?
    i care because the idiot is HERE pestering us. and on other forums pestering THEM. i dont care if he doesnt want to learn but if he wants to be stupid and lazy, he needs to do it without bothering anyone else.

    if your so concerned about him then you babysit him. heres a few goodies from this site alone where he not only asks questions about something hes used for years, where he gets direction then doesnt want it, but wants someone to give him only exact commands.
    http://www.linuxforums.org/forum/net...tml#post991522
    http://www.linuxforums.org/forum/mis...r-archive.html
    http://www.linuxforums.org/forum/sec...les-t-nat.html

    lots more, go look.

  9. #8
    Super Moderator Roxoff's Avatar
    Join Date
    Aug 2005
    Location
    Nottingham, England
    Posts
    4,087
    Quote Originally Posted by habit View Post
    yea but people have been asking him to show his own effort for YEARS and not only here. ...
    Yes, it's difficult at times. But there are enough unwelcoming help sites out there for those asking questions about Linux. New users coming here may read stuff without knowing the history, this can easily turn people away before they've even asked their first question.

    And if users are sending you nasty or hate filled PMs then use the site reporting mechanisms. That behaviour is enough to get them a ban.
    Linux user #126863 - see http://linuxcounter.net/

  10. #9
    Linux User
    Join Date
    Dec 2017
    Location
    Argentina
    Posts
    271
    -->
    Quote Originally Posted by habit View Post
    i care because the idiot is HERE pestering us. and on other forums pestering THEM. i dont care if he doesnt want to learn but if he wants to be stupid and lazy, he needs to do it without bothering anyone else.

    if your so concerned about him then you babysit him. heres a few goodies from this site alone where he not only asks questions about something hes used for years, where he gets direction then doesnt want it, but wants someone to give him only exact commands.
    http://www.linuxforums.org/forum/net...tml#post991522
    http://www.linuxforums.org/forum/mis...r-archive.html
    http://www.linuxforums.org/forum/sec...les-t-nat.html

    lots more, go look.
    I'm not denying he asks the same questions over and over, but you getting in a fight with him won't change that. All you'll accomplish is scare potential members.

    Sent from my Moto G Play using Tapatalk

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •