My question was:
What if I place my server IP, 10.54.6.170, in csf.allow,
and I want it to be the ONLY server to access 10.54.6.170 on port 22?
How can I restrict other IPs, other than 10.54.6.170, from accessing this port 22?
=======> ANSWER <=======
Checking over the csf.allow file, I see it provides examples of what I think is very important to secure your server:
# The trust rules can be made in advanced format with 4 options
# (proto:flow:port:ip);
# 1) protocol: [packet protocol tcp/udp]
# 2) flow in/out: [packet direction, inbound or outbound]
# 3) s/d=port: [packet source or destination port]
# 4) s/d=ip(/xx) [packet source or destination address, masking supported]
#
# Syntax:
# proto:flow:[s/d]=port:[s/d]=ip(/mask)
# s - source , d - destination , flow - packet flow in/out
#
# Examples:
# inbound to destination port 22 from 192.168.2.1
# tcp:in:d=22:s=192.168.2.1
#
# outbound to destination port 23 to destination host 192.168.2.1
# out:d=23:d=192.168.2.1
#
# inbound to destination port 3306 from 192.168.5.0/24
# d=3306:s=192.168.5.0/24
Here was my simple rule:
d=22:s=10.54.6.170/28
and I did restart /etc/init.d/csf --restart
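An added example, not part of the original post: a small Python check that parses a rule in the advanced format quoted above (proto:flow:[s/d]=port:[s/d]=ip(/mask)) and reports which addresses its address field covers. The function names are hypothetical, and the parser assumes IPv4 and a single port, as in the examples quoted from the file.

```python
import ipaddress


def parse_rule(rule):
    """Split an advanced rule (proto:flow:[s/d]=port:[s/d]=ip/mask) into fields."""
    out = {"proto": None, "flow": None, "port": None, "net": None}
    for tok in rule.strip().split(":"):
        if tok in ("tcp", "udp"):
            out["proto"] = tok
        elif tok in ("in", "out"):
            out["flow"] = tok
        elif tok[:2] in ("s=", "d="):
            side, value = tok[0], tok[2:]
            if value.isdigit():
                out["port"] = (side, int(value))
            else:
                # strict=False accepts host bits set under the mask (.170/28)
                out["net"] = (side, ipaddress.ip_network(value, strict=False))
        else:
            raise ValueError(f"unrecognised field: {tok!r}")
    return out


def covered_range(rule):
    """Return (first address, last address, address count) of the rule's IP field."""
    net = parse_rule(rule)["net"][1]
    return str(net[0]), str(net[-1]), net.num_addresses


def only_matches(rule, host):
    """True when the rule's IP field covers exactly `host` and nothing else."""
    net = parse_rule(rule)["net"][1]
    return net.num_addresses == 1 and ipaddress.ip_address(host) in net


if __name__ == "__main__":
    # Constructed inputs: the rule from the post, and the same rule without a mask.
    for r in ("d=22:s=10.54.6.170/28", "tcp:in:d=22:s=10.54.6.170"):
        print(r, covered_range(r), only_matches(r, "10.54.6.170"))
```

With a /28 mask the address field spans 10.54.6.160 to 10.54.6.175 (16 addresses); without a mask it covers the single host 10.54.6.170.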
Wednesday, February 10, 2010