I am trying to allow only 10 users httpd & telnet access to my company web
server (Linux-Mandrake 6.0 with Apache).
Right now the whole company has access to my web server. I tried to lock the
server down with httpd.conf, but gave up when I couldn't get it to work at
the IP level (it works no problem at the subnet level, however I need to lock
out some users at the same subnet level).
I have decided that ipchains may be my best option.
The web server IP = 204.130.236.101
Example users = say
    10.999.999.999 httpd
    10.888.888.888 telnet
    204.666.666.666 httpd
    204.555.555.555 telnet
I just installed the rpm for ipchains. The file /proc/net/ip_fwchains is
empty.
And ipchains is set up as:
Chain input(policy ACCEPT)
Chain forward(policy ACCEPT)
Chain output(policy ACCEPT)
Questions:
1.) Is the first step to add the following lines to file
/proc/net/ip_fwchains? :
CONFIG_FIREWALL=y
CONFIG_IP_FIREWALL=y
2.) How do I first deny all telnet and httpd traffic? Assuming that a rule
for denying is the first step!
3.) How does one go about only allowing 10 users to telnet & httpd? With
separate rules for telnet vs httpd? There will be more httpd users in
future.
Thanks for getting me started!
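
The rule set the post asks for, as an added example that is not part of the original post: a script that prints (does not execute) ipchains commands from a per-service allow list, with ACCEPT rules for listed clients ahead of a logged DENY for everyone else. The client addresses are constructed placeholders, and the names `ALLOW_LIST`, `port_for` and `gen_rules` are hypothetical; the server address is the one given in the post.

```shell
#!/bin/sh
# Added example: emits ipchains commands for review; nothing is loaded here.
SERVER=204.130.236.101          # web server address from the post

# Constructed placeholder clients, one "address service" pair per line.
ALLOW_LIST='10.1.1.10 httpd
10.1.1.20 telnet
204.130.236.50 httpd
204.130.236.60 telnet'

# Map a service name to its TCP port; fail on anything unexpected so a
# typo in the list cannot silently produce a missing or wrong rule.
port_for() {
    case "$1" in
        httpd)  echo 80 ;;
        telnet) echo 23 ;;
        *)      return 1 ;;
    esac
}

# Emit the rule set. ipchains applies the first matching rule in a chain,
# so the per-client ACCEPT rules must come before the per-service DENY.
gen_rules() {
    echo "ipchains -F input"    # start from an empty input chain
    echo "$1" | while read -r addr svc; do
        [ -n "$addr" ] || continue
        port=$(port_for "$svc") || { echo "unknown service: $svc" >&2; exit 1; }
        # A source address without a mask matches that single host only.
        echo "ipchains -A input -p tcp -s $addr -d $SERVER $port -j ACCEPT"
    done || return 1
    # Everyone not accepted above is denied on these ports; -l logs the hit.
    for port in 80 23; do
        echo "ipchains -A input -p tcp -d $SERVER $port -l -j DENY"
    done
}

gen_rules "$ALLOW_LIST"
```

Adding an httpd user later means adding one line to the list and regenerating; the DENY rules stay last, so all other traffic keeps falling through to the chain's ACCEPT policy.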