TCP Wrappers is a host-based networking ACL system, used to filter network access to Internet Protocol servers on operating systems such as Linux.
It allows host or sub-network IP addresses to be used as tokens on which to filter for access control purposes.
In this tutorial we configure host access using ssh access as the example: how to allow and deny host access in Linux without the help of a firewall.
Step 1) Edit the hosts.allow file with the command below.
$ sudo vim /etc/hosts.allow
Step 2) Write the entries below in the file.
Note:- In this scenario we allow only selected IPs to access the server;
all other hosts will not be able to access it.
sshd : 192.168.20.20 : allow
sshd : 192.168.20.21 : allow
sshd : ALL : deny
Step 3) Now check ssh access to the server from a selected IP and from an IP that is not selected.
For your information :-
- If you get the error below, it means your network does not have access rights.
Ubuntu@~$ ssh root@192.168.20.2
ssh_exchange_identification: read: Connection reset by peer
Some daemon examples:
sshd : 192.168.20.20/255.255.192.0 : allow
sshd : 192.168.60.64 : allow
ftp : 192.168.60.64 : allow
ftp : ALL : deny
postgresql : 192.168.60.64 : allow
postgresql : ALL : deny
27017 : 192.168.60.64 : allow
27017 : LOCAL : allow
27017 : ALL : deny
cpaneld : 192.168.60.64 : allow
cpaneld : ALL : deny
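The Python code below is an added example, not part of the original tutorial. It models how hosts.allow entries are evaluated (first matching entry wins, and a net/mask pattern matches only when net equals the client address ANDed with the mask) so a rule set can be checked before relying on it. It assumes IPv4, an empty hosts.deny, and handles only ALL, single addresses and net/mask patterns; the function names are illustrative.

```python
import ipaddress

# Constructed sample: the Step 2 entries plus the net/mask entry from the
# daemon examples, placed ahead of the catch-all deny so it is reachable.
HOSTS_ALLOW = """\
sshd : 192.168.20.20 : allow
sshd : 192.168.20.21 : allow
sshd : 192.168.20.20/255.255.192.0 : allow
sshd : ALL : deny
"""

def ip_int(text):
    return int(ipaddress.IPv4Address(text))

def parse(text):
    """Return (daemon, client_pattern, action) tuples; action defaults to allow."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        fields = [f.strip() for f in line.split(":")]
        action = fields[2] if len(fields) > 2 else "allow"
        for daemon in fields[0].replace(",", " ").split():
            for client in fields[1].replace(",", " ").split():
                rules.append((daemon, client, action))
    return rules

def client_matches(pattern, addr):
    if pattern == "ALL":
        return True
    if "/" in pattern:  # net/mask: match when net == (address AND mask)
        net, mask = (ip_int(p) for p in pattern.split("/"))
        return ip_int(addr) & mask == net
    return ip_int(pattern) == ip_int(addr)

def decide(rules, daemon, addr):
    """First matching entry wins; no match is modelled as allow (empty hosts.deny assumed)."""
    for d, client, action in rules:
        if d in (daemon, "ALL") and client_matches(client, addr):
            return action
    return "allow"

def dead_patterns(rules):
    """net/mask patterns whose net has bits outside the mask can never match."""
    masks = [c.split("/") for _, c, _ in rules if "/" in c]
    return ["/".join(p) for p in masks if ip_int(p[0]) & ip_int(p[1]) != ip_int(p[0])]
```

On a host with the TCP Wrappers utilities installed, `tcpdmatch sshd 192.168.20.30` reports how the live hosts.allow and hosts.deny files treat a given client.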