iptables multiple ports

[Jackd]

Ive got a line in my iptables rules file thats

Code:

-A PREROUTING -p tcp -m tcp -i eth1 --dport 80 -j REDIRECT --to-ports 3128

This is to redirect requests to the transparent proxy, i want to send all requests apart from https and ssh to the proxy so i tried this

Code:

-A PREROUTING -p tcp -m tcp -i eth1 ! --dport 443,22 -j REDIRECT --to-ports 3128

But it seems like iptables doesnt like the comma there, is that supposed to be set out like that or is it supposed to be different.

Jack

[ChrisH]

Use something like shorewall to sort your IPTables. It will save you a lot of frustation in the end.