This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
сервис_tcpwrap [2012/06/28 10:35] val |
сервис_tcpwrap [2016/03/22 14:26] val [Конфигурация в режиме все запрещено, кроме] |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Сервис Tcpwrap ====== | ====== Сервис Tcpwrap ====== | ||
- | ===== Linux ===== | + | ===== Проверка поддержки программой библиотеки libwrap ===== |
- | [[http://ubuntu-tutorials.com/2007/09/02/network-security-with-tcpwrappers-hostsallow-and-hostsdeny/]] | + | |
<code> | <code> | ||
gate# ldd /usr/sbin/sshd | grep wrap | gate# ldd /usr/sbin/sshd | grep wrap | ||
+ | </code> | ||
+ | ===== Конфигурация в режиме "все запрещено, кроме" ===== | ||
+ | |||
+ | [[http://ubuntu-tutorials.com/2007/09/02/network-security-with-tcpwrappers-hostsallow-and-hostsdeny/]] | ||
+ | |||
+ | <code> | ||
gate# cat /etc/hosts.allow | gate# cat /etc/hosts.allow | ||
</code><code> | </code><code> | ||
ALL: 127.0. | ALL: 127.0. | ||
sshd: 192.168.X.10 | sshd: 192.168.X.10 | ||
+ | # sshd: 192.168.X. 192.168.100+X. | ||
</code><code> | </code><code> | ||
gate# cat /etc/hosts.deny | gate# cat /etc/hosts.deny | ||
Line 17: | Line 22: | ||
</code> | </code> | ||
- | ===== FreeBSD ===== | + | ===== Конфигурация в режиме "все разрешено, кроме" ===== |
<code> | <code> | ||
- | # cat /etc/hosts.allow | + | # :> /etc/hosts.allow |
+ | </code><code> | ||
+ | # cat /etc/hosts.deny | ||
</code><code> | </code><code> | ||
- | ... | + | ALL: 172.16.1.249 |
- | #ALL : ALL : allow | + | |
- | sshd: 192.168.8.10: allow | + | |
- | sshd: all: deny | + | |
- | ... | + | |
</code> | </code> |