Hosts file syntax when want to deny multiple IP subnets or partial hostnames?

postcd · 02-06-2016, 04:56 AM

Hello,

i would like to use /etc/hosts.deny / hosts.allow

to block all connections except connections from two IP subnets and one hostname (partial match).

these i want to allow:

1.2.3.0/24
4.3.2.0/24
*.tmc*

.tmc is a part of the hostname

So far i found this to add into hosts.deny:

sockd : ALL EXCEPT 1.2.3.0/24

but i need to add two more allow rules..

Can i do:

sockd : ALL EXCEPT /etc/hosts.allow

and into /etc/hosts.allow add:

1.2.3.0/24
4.3.2.0/24
*.tmc*

i assume *.tmc* is wrong syntax

descendant_command · 02-06-2016, 05:19 AM

Code:

man hosts.allow

postcd · 02-06-2016, 07:00 AM

Quote:

man hosts.allow

thanks, i already found this, but i cant find it in that

---

I assume my hosts file syntax is wrong as i tried to disable ssh port 1234 connections but they are still there

# echo "" && echo "Number of connections per port" && netstat -tuna | awk -F':+| +' 'NR>2{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n | grep 1234 && echo "" && echo "Netstat port 1234:" && netstat -tlnp | grep 1234 && echo "" && echo "Hosts.deny and ssh contianing lines:" && cat /etc/hosts.deny|grep ssh

Quote:

Number of connections per port
51 1234

Netstat port 1234:
tcp 0 0 0.0.0.0:1234 0.0.0.0:* LISTEN 1865/ssh

Hosts.deny and ssh contianing lines:
ssh : ALL EXCEPT /etc/hosts.allow2

descendant_command · 02-06-2016, 02:22 PM

The service "ssh" is defined as port 22, so your hosts rule won't apply to port 1234.

postcd · 02-07-2016, 04:59 AM

Quote:

Originally Posted by descendant_command

The service "ssh" is defined as port 22, so your hosts rule won't apply to port 1234.

my ssh listens on nonstandard port, i modified sshd config..

descendant_command · 02-07-2016, 08:33 AM

Code:

grep ssh /etc/services

postcd · 02-08-2016, 09:16 AM

Quote:

Originally Posted by descendant_command

Code:

grep ssh /etc/services

Quote:

ssh 22/tcp # The Secure Shell (SSH) Protocol
ssh 22/udp # The Secure Shell (SSH) Protocol
x11-ssh-offset 6010/tcp # SSH X11 forwarding offset
ssh 22/sctp # SSH
sshell 614/tcp # SSLshell
sshell 614/udp # SSLshell
netconf-ssh 830/tcp # NETCONF over SSH
netconf-ssh 830/udp # NETCONF over SSH
sdo-ssh 3897/tcp # Simple Distributed Objects over SSH
sdo-ssh 3897/udp # Simple Distributed Objects over SSH
snmpssh 5161/tcp # SNMP over SSH Transport Model
snmpssh-trap 5162/tcp # SNMP Notification over SSH Transport Model
tl1-ssh 6252/tcp # TL1 over SSH
tl1-ssh 6252/udp # TL1 over SSH
ssh-mgmt 17235/tcp # SSH Tectia Manager
ssh-mgmt 17235/udp # SSH Tectia Manager

????