ipfw3: match multiple ports in a rule
bycn82 at gmail.com
Fri Nov 25 05:38:22 PST 2016
Sorry for replying late. I was super busy recently.
Yes, the ipfw3 supports 'or' block, and we can use 'or' to join all the
filters. so your firewall rules can be shorten as:
ipfw3 add [rule number] allow tcp to 18.104.22.168 dst-port 22 or 80
On 24 November 2016 at 16:52, Chuck Musser <cmusser at sonic.net> wrote:
> > On Nov 23, 2016, at 11:58 PM, Freddie Cash <fjwcash at gmail.com> wrote:
> > Separate ports with commas (22,80) to specify multiple ports in a rule.
> And you can do ranges too using dashes: 22,80,10000-10100.
> Yes, the man page does describe and some of my attempts used it (the comma
> separated list, not the range). The specific results were:
> ipfw3 add 101 set 1 allow tcp to 22.214.171.124 22,80
> ipfw3: bad command `22,80'
> That one's just invalid.
> ipfw3 add 100 set 1 allow tcp to 126.96.36.199 dst-port 22,80
> ipfw3 list 100
> 00100 allow tcp to 188.8.131.52 dst-port 22
> It added the first port, not the second.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users