Subject: Re: hosts.allow & hosts.deny
From: Philip Good (phil@redplanetx.com)
Date: Tue Jan 16 2001 - 07:29:20 MST
in hosts.deny put
ALL : ALL : DENY
in hosts.allow put:
aaa.aaa.aaa.aaa : ALL : ALLOW
aaa.bbb.ccc.ddd : ALL : ALLOW
xxx.xxx.xxx.0 : ALL : ALLOW
.domain.com
this will allow access by the first two IPs, all addresses that start with xxx.xxx.xxx and allow access from all hosts from the domain
domain.com.
Phil
> I'm having some trouble setting up my hosts.allow and hosts.deny files. The
> man entries explain everything more or less, except I don't know what the
> wildcard entry is! For some reason my man pages are slightly messed up and
> I get something like a control character instead of whatever the real
> wildcard character is.
>
> What I want to do:
>
> DENY access to everyone, then
> ALLOW access to just our internal IP addresses
> ALLOW access to a few individual static addresses off site
>
> I don't need to do anything as far as limiting access to specific ports or
> anything else exotic at this point as I'm not running mail/web/ftp services
> on this machine for anyone other than the above mentioned addresses.
>
> I'm also hoping that ALLOW takes precedence over DENY? Some systems I've
> worked with (notably Windows 2000) look at DENY and then ALLOW, which makes
> it very difficult to create a "nobody EXCEPT XYZ" type of policy.
>
> Thanks,
>
> Bryn
>
>
-- Philip Good Red Planet Development, Red Canyon Software, Good Chi Tai Chi
This archive was generated by hypermail 2a24 : Tue Jan 16 2001 - 14:32:35 MST