Mailing List Archive

Support open source code!


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: tlug: IP control



On Mon, Aug 31, 1998 at 04:16:42PM +0900, Matt Gushee wrote:
> Hmm ... Steve knows a lot more about sys-adminning than I do, but why
> not put 
> 
> ALL: ALL
> 
> in /etc/hosts.deny, then specify a few friendly hosts in
> /etc/hosts.allow? Unless it's important for people to be able to

An alternative in the Linux world is to use the kernel's IP firewalling /
forwarding / gatewaying code and ipfwadm to do the same thing at the kernel
level.  Using ipfwadm you can control which packets are accepted and which
are rejected or dropped on the floor, with optional logging.

ipfwadm -I -p deny

and then use additional ipfwadm commands to make the holes you are
interested in allowing in.

-- 
Jim Tittsler, Tokyo   ICQ: 5981586


--------------------------------------------------------------
Next Nomikai: 18 September, 19:30 Tengu TokyoEkiMae 03-3275-3691
Next Meeting: 10 October, Tokyo Station Yaesu central gate 12:30
--------------------------------------------------------------
Sponsor: PHT, makers of TurboLinux http://www.pht.co.jp


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links