LinuxQuestions.org

anon091 01-13-2010 10:02 AM

Add allowed IP address to FTP server
 
I have a RHEL FTP server, which I'm told is set up to only allow certain IPs to connect to the FTP site. I have two questions though.

1) What file would show me what IPs are currently allowed?
2) What command do I do to add another IP to it?

arashi256 01-13-2010 10:08 AM

/etc/hosts.allow and /etc/hosts.deny?

anon091 01-13-2010 10:09 AM

Those files are empty. Could it be somewhere else? Like beneath sysconfig or something?

arashi256 01-13-2010 10:39 AM

Depends where the restriction happens: at the FTP server level, in which case we'd need to know which FTP server daemon you're running, or at the firewall level. Iptables perhaps? Under /etc/sysconfig/iptables

anon091 01-13-2010 10:45 AM

vsftpd is the FTP server I'm running. Looks like iptables has some accept statements in there. Maybe that's where I add them? Or could there be something in the vsftpd config also?

uncle-c 01-13-2010 12:42 PM

The best bet would be to edit your /etc/hosts.allow and /etc/hosts.deny files to control access. A prerequisite is to make sure TCP wrappers is enabled in your /etc/vsftpd.conf file:

Code:

# TCP Wrappers
tcp_wrappers=YES

Deny all incoming connections by default in /etc/hosts.deny by adding:

Code:

vsftpd: ALL

Specify the allowed connection in /etc/hosts.allow by adding:

Code:

vsftpd: 192.168.0.,209.223.0.124

The above example only allows ftp access from the local network (192.168.0.*) and the IP 209.223.0.124

If there are no /etc/hosts.allow|deny files then you can just create them but make sure that they are rw only by root.
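
The decision order behind the two files described in the post above, as an added example that is not part of the original post: a simplified Python model of TCP wrappers matching for the `vsftpd` daemon. It assumes only the pattern forms used in this thread (`ALL`, a trailing-dot prefix, an exact address); the function names and the sample file contents are constructed for illustration.

```python
# Added example: a simplified model of the hosts.allow / hosts.deny decision.
# Handles only the client patterns used in this thread: ALL, a trailing-dot
# prefix such as "192.168.0.", and an exact address (no EXCEPT, no netmasks).

def client_patterns(text, daemon="vsftpd"):
    """Collect client patterns from rules whose daemon list names `daemon`."""
    found = []
    for line in text.replace("\\\n", "").splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        fields = line.split(":")          # daemon_list : client_list [: command]
        daemons = fields[0].replace(",", " ").split()
        if daemon in daemons or "ALL" in daemons:
            found += fields[1].replace(",", " ").split()
    return found

def matches(pattern, ip):
    """True if `ip` matches one client pattern."""
    if pattern == "ALL":
        return True
    if pattern.endswith("."):             # "192.168.0." matches 192.168.0.*
        return ip.startswith(pattern)
    return ip == pattern

def decide(ip, allow_text, deny_text, daemon="vsftpd"):
    """hosts.allow is checked first, then hosts.deny; no match grants access."""
    if any(matches(p, ip) for p in client_patterns(allow_text, daemon)):
        return "allow"
    if any(matches(p, ip) for p in client_patterns(deny_text, daemon)):
        return "deny"
    return "allow"

# Constructed sample contents, using the rules quoted in the post above.
HOSTS_ALLOW = "vsftpd: 192.168.0.,209.223.0.124\n"
HOSTS_DENY = "# default deny\nvsftpd: ALL\n"

if __name__ == "__main__":
    for ip in ("192.168.0.57", "209.223.0.124", "209.223.0.125", "192.168.1.5"):
        print(ip, decide(ip, HOSTS_ALLOW, HOSTS_DENY))
    # Empty files, as reported earlier in the thread: nothing matches, so
    # TCP wrappers grants access and any restriction must come from elsewhere.
    print("203.0.113.9", decide("203.0.113.9", "", ""))
```

With both files empty the model grants every address, which is why the empty files reported earlier in the thread point to the restriction being enforced somewhere other than TCP wrappers.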

anon091 01-13-2010 12:48 PM

I'm just helping maintain the server, I'm not at liberty to reconfigure it like you're suggesting. I do see lines in my iptables like this, so I think I just need to add a new one, but how?

-A INPUT -s 1.2.3.4 -d 5.6.7.8 -j ACCEPT


All times are GMT -5.