Protocol Encapsulation
Sam Couter
sam at topic.com.au
Mon Aug 6 18:06:18 EST 2001
Mark Hummel <mhummel at pcug.org.au> wrote:
>
> I thought I would have to give more detail. Basically, there are three
> machines. One of these machines will be the "server". The other two
> machines (all machines are on a private network) will be clients. I wanted
> all services to have a single wrapper. This wrapper would enforce things
> like only allowing those two clients access to the services on the server.
Ah, then you want packet filtering or TCP wrappers.
Packet filtering (firewalling):
For a 2.2 kernel, look for stuff about ipchains.
For a 2.4 kernel, look for stuff about iptables.
Google is your friend.
TCP wrappers:
man hosts.allow and hosts.deny and tcpd. If your services are not running
from inetd, you'll need to make sure they use libwrap. If they don't, you'll
have to use packet filtering or use whatever access controls they provide
themselves.
Hope this helps.
--
Sam Couter | Internet Engineer | http://www.topic.com.au/
sam at topic.com.au | tSA Consulting |
OpenPGP key ID: DE89C75C, available on key servers
OpenPGP fingerprint: A46B 9BB5 3148 7BEA 1F05 5BD5 8530 03AE DE89 C75C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://lists.samba.org/archive/linux/attachments/20010806/1e636cdf/attachment.bin
More information about the linux
mailing list