- 06-29-2010 #1 Just Joined!
- Join Date
- Jun 2010
- Posts
- 6
Setting up firewall/locking down ip's and ports
I want to lock down my server to allow only certain IP addresses and ports in. I was thinking of doing this through iptables, but someone suggested I use the hosts.allow and hosts.deny files to control who can access the system. What do people suggest? If I'm trying to ensure no IPs can access my system except the ones I want, how would I do this with just the allow and deny files?
- 06-29-2010 #2 Linux Newbie
- Join Date
- Apr 2007
- Posts
- 119
You put the IP/service combination in the hosts.allow file and ANY:ANY in the deny. I am sure the man pages have an example of the use.
- 06-30-2010 #3
Or you put the rules on the router firewall. It basically stays the same, even though I would put my hand in the fire for using iptables because it is much more flexible. Furthermore, hosts.allow may not work for some programs that do not have TCP wrappers support, and what matters most (I don't know if you realized that): it doesn't include any kind of feature to block UDP traffic. That's the nature of tcpd.
tcpd service man page
comparison between iptables and tcpd/hosts.deny
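An added example (not written by any poster in this thread) of the iptables approach discussed above: a shell function that builds `iptables-restore` input accepting only the listed source/protocol/port combinations, UDP included, and dropping everything else. The addresses and ports are constructed sample values, and `build_ruleset` and `ALLOWLIST` are hypothetical names.

```shell
#!/bin/sh
# Added example: turn an allowlist into iptables-restore input (default deny).
# Constructed sample entries (RFC 5737 documentation addresses): source, protocol, port.
ALLOWLIST='
# source          proto  port
192.0.2.10        tcp    22
198.51.100.0/24   tcp    443
203.0.113.7       udp    1194
'

build_ruleset() {
    # Anything not matched below is dropped; outbound traffic stays open.
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' ':OUTPUT ACCEPT [0:0]'
    # Loopback, plus replies to connections this host opened itself.
    printf '%s\n' '-A INPUT -i lo -j ACCEPT'
    printf '%s\n' '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    while read -r src proto port rest; do
        case "$src" in ''|'#'*) continue ;; esac
        # Refuse malformed entries instead of emitting a rule broader than intended.
        case "$src" in *[!0-9./]*) echo "bad source: $src" >&2; return 1 ;; esac
        case "$proto" in tcp|udp) ;; *) echo "bad protocol: $proto" >&2; return 1 ;; esac
        case "$port" in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
        [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 1; }
        printf '%s\n' "-A INPUT -s $src -p $proto --dport $port -j ACCEPT"
    done <<EOF
$1
EOF
    printf '%s\n' 'COMMIT'
}

# Print the ruleset; nothing is applied to the running firewall here.
build_ruleset "$ALLOWLIST"
```

Check the output with `iptables-restore --test` before loading it, and keep console access available when switching INPUT to DROP on a remote machine.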
- 06-30-2010 #4 Linux Newbie
- Join Date
- Apr 2007
- Posts
- 119
- 07-01-2010 #5
Most people don't know what's best for them unless you tell them.



