
This option allows you to match firewall rules against port variables
stored in the /proc/net/ipt_dynport directory. Multiple rules can match on a
single port variable. The port variable can either be a number representing 
a single port, or it can be a port range of the format x:y. TCP or UDP required.

Example:
iptables -A INPUT -p tcp -m dynport --dport DST_PORT -j ACCEPT
iptables -A INPUT -p tcp -m dynport --sport SRC_PORT -j ACCEPT
iptables -A INPUT -p udp -m dynport --sport PORT --dport PORT -j ACCEPT

To change port and enable matching:
echo 27015:27030 > /proc/net/ipt_dynport/DST_PORT

To disable this rule: 
echo 0 > /proc/net/ipt_dynport/DST_PORT
