Linux webserver 6.8.0-49-generic #49~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Wed Nov 6 17:42:15 UTC 2 x86_64
Apache/2.4.52 (Ubuntu)
Server IP : 192.168.1.1 & Your IP : 3.139.234.41
Domains :
Cant Read [ /etc/named.conf ]
User : www-data
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
usr /
share /
doc /
vsftpd /
examples /
PER_IP_CONFIG /
Delete
Unzip
Name
Size
Permission
Date
Action
README
1.46
KB
-rw-r--r--
2008-02-02 01:30
hosts.allow
259
B
-rw-r--r--
2008-02-02 01:30
Save
Rename
This example should quickly show you the possibilites of per-IP configuration with vsftpd's tcp_wrappers integration. This is new with v1.1.3. To use this, you need vsftpd built with tcp_wrappers! This is accomplished by editing "builddefs.h" and changing #undef VSF_BUILD_TCPWRAPPERS to #define VSF_BUILD_TCPWRAPPERS And then rebuild. If you are lucky your vendor will have shipped the vsftpd binary with this already done for you. Next, to enable tcp_wrappers integration, you need this in your vsftpd.conf: tcp_wrappers=YES And you'll need a tcp_wrappers config file. An example one is supplied in this directory: hosts.allow. It lives at /etc/hosts.allow. Let's have a look at the example: vsftpd: 192.168.1.3: setenv VSFTPD_LOAD_CONF /etc/vsftpd_tcp_wrap.conf vsftpd: 192.168.1.4: DENY The first line: If a client connects from 192.168.1.3, then vsftpd will apply the vsftpd config file /etc/vsftpd_tcp_wrap.conf to the session! These settings are applied ON TOP of the default vsftpd.conf. This is obviously very powerful. You might use this to apply different access restrictions for some IPs (e.g. the ability to upload). Or you could give certain classes of IPs the ability to skip connection limits (max_clients=0). Or you could increase / decrease the bandwidth limiter for certain classes of IPs. You get the point :-) The second line: Denies the ability of 192.168.1.4 to connect. Very useful to take care of troublemakers. And now you don't need xinetd to do it - hurrah.