For a long time now iptables has supported the ability to interpret rules using extensions to allow arbitrary ranges of IPs and ports to be specified in rules.
It also supports comma seperated values of arbitrary IPs and Ports in a single rule definitions.
It would be great if this could be worked into firewall3, as OpenWRT is consumer oriented it is much more logical for end users to specify ranges rather than have to calculate subnets.
Incorrect, as I've never heard OpenWrt considered as "completed firmware."
For developers, OpenWrt is the framework to build an application without having to build a complete firmware around it; for users this means the ability for full customization, to use the device in ways never envisioned.
~ WIki Main Page
- misnumbering and mistakes could be a risk
The port example from your link (I had to specify a protocol, which means the blogger had incorrect syntax - I choose -p tcp):
Then my humble suggestion would be that iptables-mod-iprange is made a standard package on non-flash-contrained platforms and that LUCI FW module is updated to allow ranges in the input field if the package is present.