Chinaunix首页 | 论坛 | 博客
  • 博客访问: 116883
  • 博文数量: 45
  • 博客积分: 0
  • 博客等级: 民兵
  • 技术积分: 315
  • 用 户 组: 普通用户
  • 注册时间: 2014-09-22 18:55
文章存档

2015年(45)

我的朋友

分类: LINUX

2015-05-13 19:23:47


原文: 
sftpd 与TCP_wrapper 结合到一块来实现这种要求
/etc/hosts.allow 定义允许的地址:
/etc/hosts.deny 定义拒绝的来源地址.
/etc/hosts.allow 如下:

  1. #
  2. # hosts.allow This file describes the names of the hosts which are
  3. # allowed to use the local INET services, as decided
  4. # by the ‘/usr/sbin/tcpd’ server.
  5. #
  6. vsftpd :123.103.47.0/255.255.255.0 218.240.63.0/255.255.255.0 59.46.172.0/255.255.255.0 10.0.0.0/255.0.0.0 60.2.80.0/255.255.255.0 218.249.230.0/255.255.255.0 160.10.0.0/255.255.0.0 218.246.69.0/255.255.255.0 125.35.3.0/255.255.255.0:allow
/etc/hosts.deny如下:

  1. #
  2. # hosts.deny This file describes the names of the hosts which are
  3. # *not* allowed to use the local INET services, as decided
  4. # by the ‘/usr/sbin/tcpd’ server.
  5. #
  6. # The portmap line is redundant, but it is left to remind you that
  7. # the new secure portmap uses hosts.deny and hosts.allow. In particular
  8. # you should know that NFS uses portmap!
  9. vsftpd : ALL : DENY
将tcp_wrappers=yes添加至
/etc/vsftpd/vsftpd.conf 中
vi /etc/vsftpd/vsftpd.conf
  1. tcp_wrappers=YES
重新启动vsftpd
[root@home vsftpd]# /sbin/service vsftpd restart
Shutting down vsftpd: OK ]
Starting vsftpd for vsftpd: OK ]





阅读(1156) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~