LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page CFS IP help cfs.allow vs cfs.deny
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-25-2015, 01:49 PM   #1
Sethos
LQ Newbie
 
Registered: Jul 2014
Location: Asheville, NC
Distribution: Centos 6.7 - 7
Posts: 7

Rep: Reputation: Disabled
CFS IP help cfs.allow vs cfs.deny

I am trying to set this up where i allow 192.168.0.1/24 but deny my gateway 192.168.0.1.
With raw iptables this would not be that hard, but with cfs i think cfs.allow overrides cfs.deny.
Any clues?

FYI: THIS IS A HOME SERVER USED LOCALLY FOR NFS SAMBA VIRTALBOX AND SUCH, NOT PUBLIC WEB SERVER.

P.s. Pardon the caps i'm legally blind, not screaming.
Last edited by Sethos; 08-25-2015 at 02:35 PM. Reason: ADDING FYI
 
Old 08-26-2015, 07:08 AM   #2
michaelk
Moderator
 
Registered: Aug 2002
Posts: 25,700

Rep: Reputation: 5895Reputation: 5895Reputation: 5895Reputation: 5895Reputation: 5895Reputation: 5895Reputation: 5895Reputation: 5895Reputation: 5895Reputation: 5895Reputation: 5895
In the smb.conf global section you can deny a single host access within the same subnet like:

hosts allow = 192.168.0.0/24 localhost
hosts deny = 192.168.0.1
Last edited by michaelk; 08-26-2015 at 07:11 AM.
 
Old 09-19-2015, 02:57 AM   #3
goodhombre
Member
 
Registered: Mar 2010
Location: Ungheni, Rep. Moldova
Distribution: Ubuntu
Posts: 89

Rep: Reputation: 22
Quote:
Originally Posted by Sethos View Post
I am trying to set this up where i allow 192.168.0.1/24 but deny my gateway 192.168.0.1.
With raw iptables this would not be that hard, but with cfs i think cfs.allow overrides cfs.deny.
Any clues?

FYI: THIS IS A HOME SERVER USED LOCALLY FOR NFS SAMBA VIRTALBOX AND SUCH, NOT PUBLIC WEB SERVER.

P.s. Pardon the caps i'm legally blind, not screaming.
Or just try to add these to csf.deny :

Code:
192.168.0.2/31
192.168.0.4/30
192.168.0.8/29
192.168.0.16/28
192.168.0.32/27
192.168.0.64/26
192.168.0.128/26
192.168.0.192/27
192.168.0.224/28
192.168.0.240/29
192.168.0.248/30
192.168.0.252/31
192.168.0.254/32
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
CFS scheduler wet Linux - General 1 10-10-2007 07:29 PM
LXer: CFS Cleanups LXer Syndicated Linux News 0 08-12-2007 10:30 AM
CFS problem kenji Linux - Security 0 03-24-2007 02:30 PM
TrueCrypt vs. CFS kurrupt Linux - Security 4 10-10-2006 05:43 AM
Need help with CFS rjkfsm Linux - Security 1 08-05-2005 11:17 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 05:11 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration