Secure TCP Wrapper
Posted on Sunday March 13, 2016 by Eric Potvin
TCP Wrapper bases its access list on rules that can be included in the following two files:
The syntax for the /etc/hosts.allow and /etc/hosts.deny files is similar and is defined as follows:
daemon : client [:option1:option2:...]
For example, if you want to allow SSH from a specific IP (and/or a range of IPs) and deny access to all other IPs:
Put the following code in the
sshd : 111.111, 220.127.116.11
and put this in the
sshd : ALL
As a reminder, there are some rules you have to respect.
- You can have only one rule per service in the hosts.allow and hosts.deny files.
- Any changes to the hosts.allow and hosts.deny files take immediate effect.
- The last line in the hosts.allow and hosts.deny files must be a newline character; otherwise the rule will fail.
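
Because changes take effect immediately, it helps to check a file before saving it. The following is an added example, not code from the original post: a small Python linter that checks the text of a hosts.allow or hosts.deny file against the syntax and the reminders above. The function name, the messages and the sample addresses are constructed for illustration; bracketed IPv6 clients and backslash line continuations are not handled.

```python
import re

# daemon : client [:option1:option2:...] as described in the post.
# Assumption: clients contain no ':' (bracketed IPv6 is out of scope here).
RULE = re.compile(r"^([^:\s][^:]*?)\s*:\s*([^:]+?)\s*(?::(.*))?$")


def lint_wrapper_file(text):
    """Return (line_number, message) findings for one file's contents."""
    findings = []
    # Reminder 3: the file must end with a newline character.
    if text and not text.endswith("\n"):
        findings.append((text.count("\n") + 1, "no trailing newline"))
    seen = {}  # daemon name -> line number of its first rule
    for num, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments carry no rule
        match = RULE.match(line)
        if not match:
            findings.append((num, "not in 'daemon : client' form"))
            continue
        # Reminder 1: flag a second rule for the same service.
        for daemon in re.split(r"[,\s]+", match.group(1)):
            if daemon in seen:
                findings.append((num, f"duplicate rule for {daemon}"))
            else:
                seen[daemon] = num
    return findings


# Constructed sample contents (documentation address ranges, not real hosts).
SAMPLE_ALLOW = "sshd : 192.0.2.10, 198.51.100.\nsshd : 203.0.113.5"
SAMPLE_DENY = "# deny everything else\nsshd : ALL\n"
SAMPLE_BROKEN = "sshd ALL\n"

if __name__ == "__main__":
    samples = [("hosts.allow", SAMPLE_ALLOW), ("hosts.deny", SAMPLE_DENY)]
    for name, text in samples:
        for num, message in lint_wrapper_file(text):
            print(f"{name}:{num}: {message}")
```
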