Hello,
franck wrote:
I have got some iptables rules such as:
Code:
iptables -A OUTPUT -o eth0 -p tcp -d pop.mail.yahoo.co.uk --dport 110 --sport $UNPRIVPORTS -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp -d pop.1and1.fr --dport 110 --sport $UNPRIVPORTS -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -s pop.mail.yahoo.co.uk --sport 110 --dport $UNPRIVPORTS -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -s pop.1and1.fr --sport 110 --dport $UNPRIVPORTS -m state --state ESTABLISHED,RELATED -j ACCEPT
and I would like to put them on only two lines.
Note that pop.1and1.fr resolves into two IP addresses, so the related
iptables commands create two separate rules, one for each IP address.
Is that possible?
I cannot see any simple way. Maybe with "ipset".
Why is it so important?
Note: POP3 packets never match the RELATED state, so you can remove it.
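Added example, not part of the original message: one way the "ipset" suggestion could look, with every POP3 server address in a single set so that two iptables rules cover all of them. The set name, the UNPRIVPORTS value and the addresses (documentation ranges standing in for the real A records) are assumptions; the script only prints the commands so they can be reviewed before being run as root.

```shell
#!/bin/sh
SET_NAME=pop3_servers        # hypothetical set name
UNPRIVPORTS="1024:65535"     # assumed value of the poster's variable
# Constructed sample addresses standing in for the resolved POP3 servers.
POP_IPS="192.0.2.10 198.51.100.20 198.51.100.21"

# Accept only dotted-quad IPv4 literals, so the set never depends on a
# DNS lookup performed at load time.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

gen_pop3_rules() {
    # -exist makes create/add harmless when the script is rerun.
    echo "ipset create $SET_NAME hash:ip -exist"
    for ip in $POP_IPS; do
        if is_ipv4 "$ip"; then
            echo "ipset add $SET_NAME $ip -exist"
        else
            echo "skipping non-IPv4 entry: $ip" >&2
        fi
    done
    # Two rules in total, however many addresses the set holds.
    # RELATED is left out, as the reply notes POP3 never matches it.
    echo "iptables -A OUTPUT -o eth0 -p tcp -m set --match-set $SET_NAME dst --dport 110 --sport $UNPRIVPORTS -m state --state NEW,ESTABLISHED -j ACCEPT"
    echo "iptables -A INPUT -i eth0 -p tcp -m set --match-set $SET_NAME src --sport 110 --dport $UNPRIVPORTS -m state --state ESTABLISHED -j ACCEPT"
}

gen_pop3_rules
```

When a server's address changes, only the set needs updating; the two rules stay as loaded.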