Limiting host access per network interface

From: Claudio Lapidus (clapidus@hotmail.com)
Date: Mon Jul 01 2002 - 18:51:55 EDT


Hello,

I have an XP900 box running 4.0F, which is connected to an internal network
through tu0 and to the Internet through tu1. Now the problem is that I want
to be VERY restrictive on the services offered to the public side, while
being more open to the internal network clients. I was unable to find a way
to limit access to diverse services based on interface or on source address,
the way tcp-wrappers on other platforms do. Can any of you people please
give some advice on this?

BTW, I also tried editing ifaccess.conf, but it doesn't seem to be working
at all. Actually, I was able to log in from a "forbidden" source address.

# cat /etc/ifaccess.conf | grep -v '^#'

tu1 zzz.aa.bb.6 255.255.255.255 permit
tu1 zzz.cc.dd.8 255.255.255.255 permit
tu1 zzz.ee.ff.13 255.255.255.255 permit
tu1 0.0.0.0 0.0.0.0 deny
#

regards,
cl.
clapidus@hotmail.com



