Why not just use tcp wrappers?
On Thursday 08 August 2002 04:40 am, Jim Bija wrote: > Heres a quick way to limit only certain IP's to your SSH server. Which i > think every ssh server admin should do myself. As the exploits have run > wild as of late.. > These are simple IPCHAINS commands. Which with Redhat ive been fuzzy on as > of late. It seems you have to have a firewall on to use ipchains? Whats up > with that. I put many commands like this in a SHell script and run it at > boot via rc.local. When i tell ipchains to be on via setup they error out. > I have to actually go into Redhats firewall setting and have a medium or > whatever, then i flush and insert my own. Is there a way around this? Its > like Redhat is forcing me to use "their" rules if i want to use ipchains at > all. I dont like this at all. Please help. And i hope i helped you. > > ipchains -I input -p tcp --dport 22 -j DENY > ipchains -I input -p tcp --dport 22 -s x.x.x.x -j ACCEPT > ipchains -I input -p udp --dport 22 -j DENY > ipchains -I input -p udp --dport 22 -s x.x.x.x -j ACCEPT <------------SNIP-------------> -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
