Restrict login by login from single IP
Without getting into the finer details, here is what I need. I have a need to restrict telnet access (I know the drill, but it does not apply here) for a login by username from a single IP address. In other words, I know multiple accounts are going to access a box. This box will see the incoming IP as 1.2.3.4. All of the accounts are valid accounts. They may be accessing the box from other IPs, and they will continue to have a need to do so. Some people will still need to access the box from 1.2.3.4 as well as from other host systems. IPCHAIN rules do not apply here due to the nature of the application. What I basically need is something along the lines of /etc/host.deny with some if-then-else logic that says an account is OK to log in only if it is not from a single IP (while others may still be accessing it from 1.2.3.4). I know it is asking a lot and may not be possible without heavy customization. TIA