diff --git a/pkg/utils/iptables/flag_test.go b/pkg/utils/iptables/flag_test.go
index 6b996e9..b435199 100644
--- a/pkg/utils/iptables/flag_test.go
+++ b/pkg/utils/iptables/flag_test.go
@@ -200,6 +200,42 @@ func TestParser(t *testing.T) {
 -A ufw-skip-to-policy-output -j ACCEPT
 -A ufw-track-output -p tcp -m conntrack --ctstate NEW -j ACCEPT
 -A ufw-track-output -p udp -m conntrack --ctstate NEW -j ACCEPT
+-A ufw-user-input -s 217.133.27.74/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 124.64.22.154/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 182.43.24.106/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 143.198.126.248/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 185.206.231.221/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 137.184.35.139/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 20.25.65.86/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 49.0.129.17/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 45.124.84.203/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 143.198.164.196/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 111.193.228.107/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 189.195.123.54/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 51.89.107.199/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 170.106.168.224/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 43.153.63.44/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 102.220.22.188/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 49.0.116.196/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 42.96.47.163/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 41.221.168.198/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 143.64.45.166/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 120.48.48.41/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 115.135.204.196/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 34.92.176.182/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 36.133.209.119/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 117.50.118.93/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 152.228.164.249/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 146.59.250.225/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 124.156.202.69/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 41.223.99.89/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 14.29.198.201/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 43.254.158.178/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 154.209.4.238/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 124.225.162.207/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 167.172.229.92/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 201.186.40.250/32 -j REJECT --reject-with icmp-port-unreachable
+-A ufw-user-input -s 157.7.215.143/32 -j REJECT --reject-with icmp-port-unreachable
 -A ufw-user-input -s 43.163.200.216/32 -j REJECT --reject-with icmp-port-unreachable
 -A ufw-user-input -s 43.134.85.220/32 -j REJECT --reject-with icmp-port-unreachable
 -A ufw-user-input -s 43.153.229.30/32 -j REJECT --reject-with icmp-port-unreachable
@@ -285,69 +321,6 @@ func TestParser(t *testing.T) {
 -A ufw-user-input -s 43.159.49.103/32 -j REJECT --reject-with icmp-port-unreachable
 -A ufw-user-input -s 117.50.172.41/32 -j REJECT --reject-with icmp-port-unreachable
 -A ufw-user-input -s 120.48.124.21/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 91.92.250.6/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 220.250.41.11/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 43.156.216.43/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 134.209.97.29/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 103.200.22.209/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 103.182.155.223/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 114.207.113.200/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 81.70.77.96/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 43.156.68.36/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 152.32.156.127/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 119.136.27.180/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 43.153.17.62/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 43.133.59.215/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 43.156.106.71/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 45.71.33.220/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 139.59.64.84/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 178.128.98.121/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 202.157.184.3/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 157.245.89.180/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 43.153.38.127/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 101.34.91.253/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 58.246.77.82/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 187.44.180.230/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 34.123.134.194/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 123.58.216.78/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 107.151.241.98/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 60.220.185.149/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 179.189.241.11/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 186.31.95.163/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 103.160.148.170/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 101.43.86.4/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 185.187.169.243/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 210.183.21.48/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 64.227.3.169/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 186.16.42.74/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 122.169.49.107/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 49.0.129.3/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 190.27.34.197/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 43.155.91.190/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 106.53.150.5/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 118.195.234.184/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 179.41.2.183/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 43.134.15.82/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 95.130.227.252/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 51.145.134.83/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 142.93.129.80/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 43.156.7.9/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 128.199.183.107/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 189.206.165.62/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 43.153.6.237/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 188.36.123.6/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 107.174.172.198/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 43.163.197.146/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 43.134.227.248/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 43.134.230.140/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 43.163.237.49/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 91.215.147.69/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 129.226.144.58/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 220.80.223.144/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 107.209.60.51/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 217.218.56.142/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 150.109.245.113/32 -j REJECT --reject-with icmp-port-unreachable
--A ufw-user-input -s 104.131.93.177/32 -j REJECT --reject-with icmp-port-unreachable
 -A ufw-user-input -p tcp -m tcp --dport 20 -j ACCEPT
 -A ufw-user-input -p tcp -m tcp --dport 21 -j ACCEPT
 -A ufw-user-input -p tcp -m tcp --dport 22 -j ACCEPT
diff --git a/pkg/utils/iptables/iptables.go b/pkg/utils/iptables/iptables.go
index 86efab5..d438925 100644
--- a/pkg/utils/iptables/iptables.go
+++ b/pkg/utils/iptables/iptables.go
@@ -54,6 +54,13 @@ type Rule struct {
 // --sport example: 22 80
 SrcPort string `json:"srcPort"`
+ // --sports example: 20000:40000
+ SrcPorts string `json:"srcPorts"`
 // --dport example: 80
 DstPort string `json:"dstPort"`
+ // --dports example: 45000:46000
+ DstPorts string `json:"dstPorts"`
+
+ // --limit example: 3/min
+ Limit string `json:"limit"`
 }
diff --git a/pkg/utils/iptables/parser.go b/pkg/utils/iptables/parser.go
index e0fded2..5213c46 100644
--- a/pkg/utils/iptables/parser.go
+++ b/pkg/utils/iptables/parser.go
@@ -83,7 +83,11 @@ func Parse(rules string) {
 match := flagSet.StringP("match", "m", "", "")
 srcPort := flagSet.String("sport", "", "")
+ srcPorts := flagSet.String("sports", "", "")
 dstPort := flagSet.String("dport", "", "")
+ dstPorts := flagSet.String("dports", "", "")
+
+ limit := flagSet.String("limit", "", "")
 _ = flagSet.Parse(args)
 r := Rule{
@@ -104,9 +108,16 @@ func Parse(rules string) {
 ExcludeProtocol: *excludeProtocol,
 Jump: Chain(*jump),
 Goto: Chain(*gotoChain),
- Match: *match,
- SrcPort: *srcPort,
- DstPort: *dstPort,
+
+ Match: *match,
+
+ SrcPort: *srcPort,
+ SrcPorts: *srcPorts,
+
+ DstPort: *dstPort,
+ DstPorts: *dstPorts,
+
+ Limit: *limit,
 }
 ruleList = append(ruleList, r)
 }
@@ -126,6 +137,6 @@ func Parse(rules string) {
 }
 for _, rule := range ruleList {
- logger.Log().Infof("规则: %+v", utils.Json(rule))
+ fmt.Printf("规则: %+v\n", utils.Json(rule))
 }
 }
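Review bot: The comments on the new `SrcPorts` and `DstPorts` fields of `Rule` (iptables.go, hunk at -54,6) give only a single range as the example, which reads as if `--sports`/`--dports` were just the range form of `--sport`/`--dport`. In iptables those options belong to the multiport match and take a comma-separated list that can mix single ports and ranges, so I would write the comment as `// --sports (multiport) example: 22,80,20000:40000` and likewise for `--dports`. On `Limit` it is worth adding `// --limit example: 3/min; --limit-burst is not captured`, so that anything auditing rules from this struct does not treat the field as the complete rate limit. The struct begins above the hunk.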
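Review bot: The context line `_ = flagSet.Parse(args)` directly below the three new flag definitions in `Parse` (parser.go, hunk at -83,7) still throws the parse error away, so a rule line that fails to parse is appended as a `Rule` with `SrcPorts`, `DstPorts` or `Limit` left empty and nothing to show for it. The hunk registers `limit` but no `limit-burst`, which normally accompanies it; whether an undefined option aborts parsing depends on how `flagSet` is configured, and that is outside the hunk. For a firewall-rule parser this matters because a port- or rate-restricted rule can then be reported as unrestricted. I would check the result, `if err := flagSet.Parse(args); err != nil {`, and skip or mark the rule instead of appending a partly filled one. `Parse` starts and ends outside this hunk.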
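Review bot: The new `fmt.Printf("规则: %+v\n", utils.Json(rule))` at the end of `Parse` (parser.go, hunk at -126,6) prints every parsed firewall rule to stdout unconditionally, bypassing the level and destination control that the removed `logger.Log().Infof` call went through. A host's rule set (blocked sources, open ports) is sensitive enough that it should not end up in whatever happens to capture stdout. If the print was added to watch the test output, I would keep `logger.Log().Infof("规则: %+v", utils.Json(rule))` in the package and print from the test instead. The import block is not part of this diff, so confirm `fmt` is imported in parser.go. The body of `Parse` begins outside the hunk.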