[luau] tftpd question
Jeffrey Wong
jmwong at hoku.net
Thu Aug 29 13:33:01 PDT 2002
If you are using xinetd to manage tftp, the you can also let tftp handle
the access controls with something like
only_from = 192.168.1.0/24
to allow connections from 192.168.1.whatever. With xinetd you can also
specify things like what times connections are allowed and how many
concurrent requests are allowed. While xinetd does use tcpwrappers
/etc/hosts.[allow|deny] to filter connections, you won't get the full
benifits from it until you start working directly with xinetd.conf
Jeff
On Thu, 29 Aug 2002, MonMotha wrote:
> Warren Togami wrote:
> ...
> >
> > However, why don't you use TCP wrappers and only allow access to the
> > tftpd port from your local subnet? I think iptables can do this too.
> >
>
> TCP wrappers probably won't work (unless they can do UDP also). TFTP is
> run on UDP/69. IPtables, being a packet filter, can of course filter
> this. Example:
>
> iptables -A INPUT -p udp --dport 69 -s localnetwork -j ACCEPT
> iptables -A INPUT -p udp --dport 69 -j REJECT
>
> will allow TFTP from your local network, but then reject it from
> anywhere else.
>
> --MonMotha
>
> _______________________________________________
> LUAU mailing list
> LUAU at videl.ics.hawaii.edu
> http://videl.ics.hawaii.edu/mailman/listinfo/luau
>
More information about the LUAU
mailing list