TCP Matches

• --sport – Source Port

  • Can be specified by number iptables -A INPUT -p 6 –sport 22 -j ACCEPT
  • Can be specified by name as long as the port is listed in /etc/services – this is less efficient since it requires a lookup each time
  • Can specify a range with ":"
    • 5800:5900 – everything between and including 5800 and 5900
    • :1023 – everything up to port 1023
    • 1024: - everything from 1024 to 65535

Notes: