iptables: -p all AND --dport xx (is it possible)
David Becker
dbecker at online.nl
Wed Apr 27 19:58:35 UTC 2005
Alan :) wrote:
> The following rule can't be applied
>
> iptables -A INPUT -p all --dport 80 -j DROP
>
> the above fails stating that --dport is not recognized.
>
> I'm trying to drop all traffic to port 80. If I provide a specific protocol it works. For example: iptables -A INPUT -p tcp --dport 80 -j DROP
>
> any ideas?
Maybe because using port numbers doesn't make sense for ICMP packets,
which are included in the rule when using -p all?
Looks like you have to specify two rules, one for tcp and one for udp.
David
>
> -- Alan Angulo
> Systems Administrator
> Academic Computing
> East Stroudsburg University
> e-mail: alan at esu.edu
> Tel: (570) 422-3783
>
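
The two-rule approach suggested in the reply, as an added example that is not part of the original thread: a hypothetical helper, `port_rules`, prints one rule per protocol (TCP and UDP by default) and rejects `-p all`, where no `--dport` match is available. It only prints the commands; nothing is applied to the running firewall.

```shell
#!/bin/sh
# Added example (not from the thread): print one iptables rule per
# port-bearing protocol instead of a single "-p all --dport" rule.
# port_rules is a hypothetical helper name; it prints and runs nothing.

port_rules() {
    chain=$1 port=$2 target=$3
    shift 3
    # Default to the two protocols named in the reply.
    [ $# -gt 0 ] || set -- tcp udp

    # Port must be 1-5 decimal digits and within 1..65535.
    case $port in
        ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2
        return 1
    fi

    # Validate every protocol before printing anything, so a bad
    # argument never yields a half-complete rule set.
    for proto in "$@"; do
        case $proto in
            tcp|udp) ;;
            *) echo "this helper only handles tcp and udp, not: $proto" >&2
               return 1 ;;
        esac
    done

    for proto in "$@"; do
        echo "iptables -A $chain -p $proto --dport $port -j $target"
    done
}

# The case from the thread: drop everything addressed to port 80.
port_rules INPUT 80 DROP
```

Review the printed commands before running them as root; other protocols such as ICMP are unaffected by these rules.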