R T M 3 2 0 5 U s e r M a n u a l
56
C H A P T E R F I V E
57
R T M 3 2 0 5 U s e r M a n u a l
S E C U R I T Y
This tells
tcpd
to deny access to
in.telnetd, sshd
and
snmpd
to all hosts not listed in the
/etc/
hosts.allow
file. The
snmpd
and
sshd
daemons also parse this file directly prior to granting access to
a requesting host.
Next you will be prompted to enter a list of hosts that will be granted access to
in.telnetd
,
sshd
and
snmpd
. These appear in the
/etc/hosts.allow
as lines like this:
in.telnetd: 192.168.1.2, 192.168.1.3
sshd: 192.168.1.2, 192.168.1.3
snmpd: 192.168.1.2, 192.l68.1.3
This simple shell script handles the needs of most users, however the syntax of these two files sup-
ports elaborate configuration possibilities which are beyond the capabilites of this simple shell script.
Advanced users who need these capabilities will need to edit these two files directly and then copy
them to the
/boot/etc
directory. (See
Appendix C - Helpful Linux Information, Using Editors
.) Be
careful to maintain the proper ownership and access permissions by using
cp -p
when copying the
files.
Restrict Access - HTTPS
To control access via HTTPS, you must edit the
/etc/httpd/httpd.conf
file and add the equivalent deny
followed by allow directives. For example, the default file contains these lines:
<Directory “srv/httpd/cgi-bin”>
AllowOverride None
Options None
Require all granted
</Directory>
To complete the configuration steps to restrict access and allow a specific host with IP address
xxx.xxx.xxx.xxx, you would modify the directives as follows:
<Directory “srv/httpd/cgi-bin”>
AllowOverride None
Options None
Require ip xxx.xxx.xxx.xxx
# Require all granted
</Directory>
After making and saving your changes, you must copy the edited file to the non-volatile FLASH area
and reboot the unit:
cp -p /etc/httpd/httpd.conf /boot/etc/httpd
reboot
Summary of Contents for RTM3205
Page 2: ......
Page 6: ...R T M 3 2 0 5 U s e r M a n u a l This page intentionally left blank...
Page 18: ...R T M 3 2 0 5 U s e r M a n u a l This page intentionally left blank...
Page 126: ...R T M 3 2 0 5 U s e r M a n u a l 108 A P P E N D I X A This page intentionally left blank...
Page 154: ...R T M 3 2 0 5 U s e r M a n u a l 136 A P P E N D I X E This page intentionally left blank...
Page 156: ...R T M 3 2 0 5 U s e r M a n u a l 138 A P P E N D I X F This page intentionally left blank...
Page 160: ...R T M 3 2 0 5 U s e r M a n u a l 142 A P P E N D I X G This page intentionally left blank...
Page 168: ...R T M 3 2 0 5 U s e r M a n u a l 150 A P P E N D I X J This page intentionally left blank...
Page 179: ......