LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 12-10-2003, 06:10 AM   #1
ganninu
Member
 
Registered: Jul 2003
Distribution: RH 7.3/8.0/9.0, Debian Stable 3.0, FreeBSD 5.2, Solaris 8/9/10,HP-UX
Posts: 340

Rep: Reputation: 30
Allow only specific IP's to log to FTP server


How can allow only specific IPs to log to my FTP server? iptables related or it goes even further?

thanks, ganninu
 
Old 12-10-2003, 07:04 AM   #2
dexter2
LQ Newbie
 
Registered: Nov 2003
Distribution: Red Hat Linux
Posts: 7

Rep: Reputation: 0
you can use always use iptables for such things, but one more quick & easy way might be to use:
/etc/hosts.allow
/etc/hosts.deny

-----x----------x----------x-----
In the hosts.allow you can write like:
vsftpd : 192.168.25.39, 192.168.25.73

In the hosts.deny you can write like:
vsftpd : ALL
-----x----------x----------x-----

I am assuming that u r running Red Hat 9 and Very Secure FTP server (vsftpd).
 
Old 12-10-2003, 07:44 AM   #3
ganninu
Member
 
Registered: Jul 2003
Distribution: RH 7.3/8.0/9.0, Debian Stable 3.0, FreeBSD 5.2, Solaris 8/9/10,HP-UX
Posts: 340

Original Poster
Rep: Reputation: 30
What is the iptables way of doing it (just to be generic in this forum) ?
 
Old 12-10-2003, 06:45 PM   #4
todesengel
Member
 
Registered: Sep 2003
Distribution: Slackware 10.0
Posts: 54

Rep: Reputation: 15
This is from memory, but...

iptables -A INPUT -p tcp --dport [whatever port you're using] -j DROP
then
iptables -A INPUT -p tcp --dport [whatever port you're using] -s [ip to allow] -j ACCEPT

Check the manpage, but that SHOULD work...
 
Old 12-11-2003, 04:02 AM   #5
/bin/bash
Senior Member
 
Registered: Jul 2003
Location: Indiana
Distribution: Mandrake Slackware-current QNX4.25
Posts: 1,802

Rep: Reputation: 47
Quote:
What is the iptables way of doing it (just to be generic in this forum) ?
Check out this firewall script. It is easy to configure for such things. All you would have to do would be put the IP in the PERMIT variable like thus:
PERMIT="192.168.0.2:21"
 
Old 12-11-2003, 07:26 AM   #6
markus1982
Senior Member
 
Registered: Aug 2002
Location: Stuttgart (Germany)
Distribution: Debian/GNU Linux
Posts: 1,467

Rep: Reputation: 46
Well you can't simply add 2 rules and you're set because of passive FTP. If it's possible you should limit the passive port area for proper firewalling. See the FAQ section at http://www.linux-corner.net/linux/services/ftp.html for more details!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
FTP Server via Debian log in issue - Please help! murfman89 Linux - Networking 1 12-02-2005 11:16 PM
stopping specific ip's from accessing apache lawadm1 Linux - Software 7 09-26-2004 02:40 PM
FTP Server log location for proftpd and pureftpd jon_k Linux - Software 2 08-06-2004 03:21 AM
Allow SSH from specific IP's ONLY. m15a4 Linux - Security 3 12-29-2003 04:02 AM
Need program to find specific IP's from a list cjdock Programming 20 12-17-2003 09:08 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 08:42 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration