A simple solution is to add an in.ftpd entry to your /etc/hosts.allow and
hosts.deny, but that wouldn't make it secure for IP-spoofing. The better way
would be to use IPchains. the -i options allows you to specify an interface.
Example:
ipchains -P input DENY
ipchains -A input -i eth0 -s 10.0.0.0/24 -j ACCEPT
The above example says:
DENY everything, but
ACCEPT all traffic coming from eth0 with source-address 10.0.0.0 to
10.0.0.255.
This is just a basic example. Extend it with -p ftp and -p ftp-data and all
the other options you want.
Have a look at: http://metalab.unc.edu/mdw/HOWTO/IPCHAINS-HOWTO.html
Serge Maandag.
-----Original Message-----
From: Daniel Zeaiter [mailto:[EMAIL PROTECTED]]
Sent: maandag 31 januari 2000 9:15
To: [EMAIL PROTECTED]
Subject: Blocking FTP to external-network users
I have an FTP server setup on my RH6.1 K2.2.14 machine, but I wish to
only allow computers on my local network (192.168.1.0) to access it. How
is this possible? I figured maybe using IP Chains, but can you use that
to block individual ports?
Thanks in advance!
Daniel Zeaiter.
--
Daniel Zeaiter
E-Mail: [EMAIL PROTECTED]
Phone: 0408 242 500
ICQ: 16889511
Website: homepages.ihug.com.au/~mdzeater
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
