Set a range of ports in iptables

How do you list a range of ports in an iptables config file?

It is pretty easy.

The task was simply to forward a range of ports for FileZilla FTP Server on a virtual server running in Proxmox.

To avoid tediously listing every port individually, like this:

    -A INPUT -p tcp -m tcp --dport 20 -j ACCEPT
    -A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
    -A FORWARD -d 192.168.1.101/32 -i enp4s0 -p tcp -m tcp --dport 20 -j ACCEPT
    -A FORWARD -d 192.168.1.101/32 -i enp4s0 -p tcp -m tcp --dport 21 -j ACCEPT
    -A PREROUTING -i enp4s0 -p tcp -m tcp --dport 20 -j DNAT --to-destination 192.168.1.101:20
    -A PREROUTING -i enp4s0 -p tcp -m tcp --dport 21 -j DNAT --to-destination 192.168.1.101:21

we can specify the ports as a range, written first:last:

    -A INPUT -p tcp -m tcp --dport 20:21 -j ACCEPT
    -A INPUT -p tcp -m tcp --dport 45000:46000 -j ACCEPT
    -A FORWARD -d 192.168.1.101/32 -i enp4s0 -p tcp -m tcp --dport 20:21 -j ACCEPT
    -A FORWARD -d 192.168.1.101/32 -i enp4s0 -p tcp -m tcp --dport 45000:46000 -j ACCEPT
    -A PREROUTING -i enp4s0 -p tcp -m tcp --dport 20:21 -j DNAT --to-destination 192.168.1.101:20-21
    -A PREROUTING -i enp4s0 -p tcp -m tcp --dport 45000:46000 -j DNAT --to-destination 192.168.1.101:45000-46000

The rules can then be applied and saved:

    ~ # iptables-restore < iptables_rules_20200710_ftp_filezilla
    ~ # iptables-save > iptables_rules_20200710_ftp_filezilla

For FileZilla FTP Server specifically, the same port range should be set for passive mode.
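Because the same range has to be repeated in the FORWARD rule, the DNAT rule and the FTP server's passive-mode setting, a rules file can be checked for drift before it is loaded. The script below is an added example, not part of the original post: `audit` and `parse_range` are hypothetical helper names, and it assumes single-host `-d` destinations and rules without `!` negation.

```python
import shlex

# Constructed sample: the page's FORWARD and DNAT range rules.
SAMPLE = """\
-A FORWARD -d 192.168.1.101/32 -i enp4s0 -p tcp -m tcp --dport 20:21 -j ACCEPT
-A FORWARD -d 192.168.1.101/32 -i enp4s0 -p tcp -m tcp --dport 45000:46000 -j ACCEPT
-A PREROUTING -i enp4s0 -p tcp -m tcp --dport 20:21 -j DNAT --to-destination 192.168.1.101:20-21
-A PREROUTING -i enp4s0 -p tcp -m tcp --dport 45000:46000 -j DNAT --to-destination 192.168.1.101:45000-46000
"""

def parse_range(text, sep):
    """'45000:46000' (sep ':') or '20-21' (sep '-') or '21' -> (lo, hi)."""
    lo, _, hi = text.partition(sep)
    lo, hi = int(lo), int(hi or lo)
    if not 0 <= lo <= hi <= 65535:
        raise ValueError(f"bad port range: {text!r}")
    return lo, hi

def audit(rules_text):
    """Compare the ports DNAT sends to each host with the ports FORWARD accepts for it."""
    dnat, fwd = {}, {}
    for line in rules_text.splitlines():
        tok = shlex.split(line, comments=True)
        if len(tok) < 2 or tok[0] != "-A" or "--dport" not in tok:
            continue  # table headers, chain policies, COMMIT, rules without a port match
        opt = {tok[i]: tok[i + 1] for i in range(len(tok) - 1) if tok[i].startswith("-")}
        lo, hi = parse_range(opt["--dport"], ":")
        if opt.get("-j") == "DNAT" and "--to-destination" in opt:
            ip, _, ports = opt["--to-destination"].partition(":")
            if ports:  # the translated range is what reaches the FORWARD chain
                lo, hi = parse_range(ports, "-")
            dnat.setdefault(ip, set()).update(range(lo, hi + 1))
        elif tok[1] == "FORWARD" and opt.get("-j") == "ACCEPT" and "-d" in opt:
            ip = opt["-d"].split("/")[0]
            fwd.setdefault(ip, set()).update(range(lo, hi + 1))
    findings = []
    for ip in sorted(set(dnat) | set(fwd)):
        sent, allowed = dnat.get(ip, set()), fwd.get(ip, set())
        for kind, ports in (("dnat-without-forward", sent - allowed),
                            ("forward-without-dnat", allowed - sent)):
            if ports:  # report lowest port, highest port and how many are affected
                findings.append((ip, kind, min(ports), max(ports), len(ports)))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE) or ["ranges are consistent"]:
        print(finding)
```

A `dnat-without-forward` finding means translated connections will be dropped in FORWARD; a `forward-without-dnat` finding means the filter is open wider than the published range.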
