linux - iptables block port range with single port exception

Friday, July 21, 2017

I`ve two rules. First blocked all port from range:

-A INPUT -m state --state NEW -m tcp -p tcp --match multiport --dports 200:65535 -j DROP

and second open one in this range:

-A INPUT -i eth0 -p tcp --dport 5901 -m state --state NEW,ESTABLISHED -j ACCEPT

but it doesn`t work. Anyone know why?

Blog