Hmm, I'll try to help. If you're running rsync daemon mode using port 873/tcp, you can filter the ipchain by the port number. (There is an entry in services for 873/udp - does anyone know if this is this used, or just reserved?) Something as little as: /sbin/ipchains -A output DENY -i $extif 873 where $extif is the external interface. Maybe add -l at the end to log the attempts. Otherwise if you're running it using rsh, ssh, whatever, I think you should be able to set up your permissions there (I haven't used either yet, so I speak from ignorance on rsh/ssh). HTH, Lillian Message: 11 From: "Liston Johnson" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Subject: Security Date: Tue, 14 Nov 2000 10:26:08 -0000 This is a multi-part message in MIME format. ------=_NextPart_000_0028_01C04E25.4D700F80 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Hi Can anyone give me some examples of using rsync with ipchains in order to stop someone from the outside using rsync to copy files/directories from a server. Thanks. Liston Johnson iCrunch Ltd 2nd Floor 326 Kensal Road London W10 5BZ Tel +44 (0)20 8354 4872 Fax +44 (0)20 8354 4801 Mobile +44 (0)7932 110 719 Email [EMAIL PROTECTED] www.icrunch.com - Best Entertainment Site, NMA Awards 2000
