for network services that can be started by xinetd programs, such as FTP telnet, we can modify the configuration of/etc/hosts.allow and/etc/hosts.deny to license or deny which IP, host, user can access.
For example, we are/etc/hosts.allowJoin in
all:218.24.129.
This will allow you to come from218.24.129.*access to all clients of the domain. This is just an example, in fact, the system by default, are able to use these network services
If we are in/etc/hosts.denyrestrictions on the inclusion of218.24.129.*All of the IP for the domain.
all:218.24.129.
If we are in/etc/hosts.denyJoin in
all:218.24.129.134, which limits all218.24.129.134access to all users in the.
When Hosts.allow and Host.deny conflict, the optimization is set with Hosts.allow.
After setting up, to restart
#/etc/rc.d/init.d/xinetd Restart
#/etc/rc.d/init.d/network Restart
Not all service programs can be used tcp_wrappers , such as the use of commands ldd/usr/sbin/sshd , if the output has LibWrap , you can use tcp_wrappers, which means that the service can use/etc/hosts.allow and/etc/hosts.deny, which is not available if the output is not libwrap
Linux settings allow and disallow access to IP Host.allow and Host.deny