hosts.allow hosts.deny
阿新 • • 發佈:2017-05-14
class hosts lang imp pan sts -s 0.10 list
簡單控制訪問ip,hosts.allow/hsots.deny a simple access control language that is based on client (host name/address, user name), and server (process name, host
name/address) patterns.
格式:
daemon_list : client_list [ : shell_command ]
參數:
ALL ###所有
LOCAL ###本地
172.24.0. == 172.24.0.0/255.255.255.0 == 172.24.0.*
/etc/hosts.allow
ALL:ALL :deny | allow
ALL:LOCAL
ALL:172.24.0.27 100.100.10.
sshd:172.24.0.
ALL: .bad.domain: DENY
ALL: ALL: ALLOW
/etc/hosts.deny
ALL: .friendly.domain: ALLOW
ALL: ALL: DENY
example:
/etc/hosts.allow
ALL:172.24.0.:ALLOW ###僅允許172.24.0.網段的IP訪問
/etc/hosts.deny
ALL:ALL:DENY ###所有阻止
linux系統會先檢查/etc/hosts.deny規則,再檢查/etc/hosts.allow規則,如果有沖突,優先/etc/hosts.allow規則處理
hosts.allow hosts.deny