Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
I am new to Suse and new to this group too. My boss just told me I need to build an FTP server with Suse 10.0. I installed Suse 10 on the new box fine. I configured the firewall to allow only SSH, and it is wide open. My question is: I want to allow only this IP range to access SSH on this box (192.9.1.0 - 192.9.1.20 and all 187.4.*.*). How do I do that? SuSEfirewall2/iptables is installed. I wasted 3 days googling here and googling there, but could not find anything. Since I am a brand new rookie with Linux/Suse, please take it easy with me, ok!
Here is what I know so far.
Firewall configuration file: /etc/sysconfig/SuSEfirewall2
Start/stop firewall: /sbin/SuSEfirewall2 start/stop
That's it!
SSH has TCP wrapper support. Add SSHD: ALL in /etc/hosts.deny, then add SSHD: $yourip1, $yourip2 in /etc/hosts.allow. In addition to this, add the proper iptables rulesets just to make sure the connections get dropped. This is a quick hack, but the iptables command could look something like this:
Code:
iptables -A INPUT -p tcp -s 192.168.1.100 --dport 22 -m state --state NEW -j ACCEPT
Thanks for the info. I am familiar with Solaris tcp_wrapper/hosts.allow,deny. Linux Suse is new to me. I read the link you sent, but it does not mention anything about how to run sshd to make it work with hosts.allow/deny. Do I have to set up sshd to run in inetd to be able to work with hosts.allow/deny?
In Solaris I add the following line to /etc/inetd.conf:
ssh stream tcp nowait root /usr/sbin/tcpd sshd -i
then add IPs (192.23.,84.12.) in hosts.allow, then stop/start the inetd daemon and it works fine. In this case, it allows only IPs starting with 192.23 and 84.12.
In Suse, I tried to do the same but it does not work for me. I am sorry to bother you. I really need help.
What is the add IP format in hosts.allow on Suse?
Do I need to run sshd in /etc/xinetd.conf ?
Thank you for the help. SuSEfirewall2/Iptables is very complicated. I found out that Suse already used the tcp_wrapper. So I use hosts.allow/deny to block IPs accessing ssh. Thanks again.
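Added example (not part of the thread and not written by its posters): a Python sketch that turns the address ranges from the question into a hosts.allow entry in the net/mask form described in hosts_access(5), and into iptables rules in the form posted above. The function names, the `ALLOWED` list and the trailing DROP rule are assumptions made for illustration.

```python
import ipaddress

def range_to_networks(first, last):
    """Collapse an inclusive IPv4 range into the fewest CIDR blocks."""
    return list(ipaddress.summarize_address_range(
        ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)))

def hosts_allow_line(networks, daemon="sshd"):
    """One hosts.allow entry; TCP wrappers take net/mask, not first-last ranges."""
    patterns = []
    for net in networks:
        if net.prefixlen == 32:
            patterns.append(str(net.network_address))  # single host: bare address
        else:
            patterns.append(f"{net.network_address}/{net.netmask}")
    return f"{daemon}: " + ", ".join(patterns)

def iptables_rules(networks, port=22):
    """ACCEPT rules in the form posted in the thread, then a DROP for the rest.
    Assumption: no earlier rule in the INPUT chain already accepts this port."""
    match = f"--dport {port} -m state --state NEW"
    rules = [f"iptables -A INPUT -p tcp -s {net} {match} -j ACCEPT"
             for net in networks]
    rules.append(f"iptables -A INPUT -p tcp {match} -j DROP")
    return rules

def is_allowed(addr, networks):
    """Check a client address against the allow list before deploying it."""
    ip = ipaddress.IPv4Address(addr)
    return any(ip in net for net in networks)

# Ranges from the question: 192.9.1.0 - 192.9.1.20 and all of 187.4.*.*
ALLOWED = (range_to_networks("192.9.1.0", "192.9.1.20")
           + [ipaddress.IPv4Network("187.4.0.0/16")])

if __name__ == "__main__":
    print("# /etc/hosts.deny")
    print("sshd: ALL")
    print("# /etc/hosts.allow")
    print(hosts_allow_line(ALLOWED))
    print("# iptables")
    for rule in iptables_rules(ALLOWED):
        print(rule)
    # Constructed test addresses, one just outside each allowed block
    for addr in ("192.9.1.20", "192.9.1.21", "187.4.200.7", "187.5.0.1"):
        print(addr, "allowed" if is_allowed(addr, ALLOWED) else "denied")
```

The 21-address range does not fit a single mask, so it becomes three entries (/28, /30 and one host); a single mask wide enough to cover it would also admit addresses above 192.9.1.20.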