Secure Tcp Wrapper

Posted on Sunday March 13, 2016 / by Eric Potvin

TCP wrapper based its access List on Rules that can be included in the following two files:

The syntax for both /etc/hosts.allow and /etc/hosts.deny file are similar and are defined as follow:

daemon : client [:option1:option2:...]

For example, if you want to allow SSH from a specific IP (and/or a range of IPs) and deny access to all other IPs:

Put the following code in the /etc/hosts.allow:

sshd : 111.111, 222.222.222.222

and put this in the /etc/hosts.deny:

sshd : ALL

As a reminder, there is some rule you have to respect.