Use TCP Wrappers to disallow FTP from certain IP?

Discussion in 'Server Operation' started by nbakewell, Nov 26, 2008.

  1. nbakewell

    nbakewell New Member

    I need to disallow FTP from a certain IP address and am trying to use TCP wrappers to do so. After reading some online articles, I thought it was as simple as adding this line to my hosts.deny file:

    Code:
    vsftpd : 192.168.20.120
    And making sure nothing in my hosts.allow file was overriding that, but after doing so and attempting to FTP in from 192.168.20.120 I still have access. Am I missing something here? I also tried changing vsftpd to just ftpd and ftp. How can I deny FTP from just certain IPs using TCP Wrappers?
     
  2. falko

    falko Super Moderator

    What's in /etc/vsftpd.conf?
     
  3. nbakewell

    nbakewell New Member

    I believe I got it working now - turns out my 20.120 machine was actually using it's second ethernet card, 30.200, to connect through FTP, so hosts.deny was not blocking it. Now I've added that second IP address and it works.

    Just to clarify, this is the method of using TCP wrappers, correct? Or is this not the same?
     
  4. falko

    falko Super Moderator

    Yes, that's right.
     

Share This Page