| | .. footer:: $Id: tperimeter.txt,v 1.108 2006/09/25 08:19:09 tundra Exp $ |
|---|
| | .. footer:: $Id: tperimeter.txt,v 1.109 2006/09/25 08:21:00 tundra Exp $ |
|---|
| | |
|---|
| | |
|---|
| | ===================================================== |
|---|
| | ``tperimeter`` - A Dynamic TCP Wrapper Control System |
|---|
| |
|---|
| | 2) The ``allow`` and ``deny`` directories contain entries |
|---|
| | for specific services you wish to allow or deny. You |
|---|
| | create a directory under these for each *service* you want |
|---|
| | to control. Within that "service directory" you create |
|---|
| | (using ``touch``) one or more zero-length *files* whose *name* |
|---|
| | is the IP address or DNS name of the host you are allowing/denying. |
|---|
| | (using ``touch``) one or more zero-length *files* that are *named* |
|---|
| | with the IP address or DNS name of the host you are allowing/denying. |
|---|
| | |
|---|
| | Say you want to allow ``ssh`` access from 64.2.3.1 and anyone in |
|---|
| | 10.0.1.x, and deny ``ftp`` access from everyone. Then the |
|---|
| | directory/file layout would look like this:: |
|---|
| |
|---|
| | |
tundra
authored
on 25 Sep 2006