Date: Tue, 8 May 2001 18:04:41 -0400 (EDT) From: Dru <genisis@istar.ca> To: Tim Erlin <tperlin@yahoo.com> Cc: questions@FreeBSD.ORG Subject: Re: limit telnet access Message-ID: <Pine.BSF.4.21.0105081800300.28912-100000@istar.ca> In-Reply-To: <20010508193738.15562.qmail@web11706.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Tim, Very good question, now you have me curious. Is it possible to tell a daemon to only listen on specified interfaces, or do we instead use firewall rules and tcpwrappers to ensure the daemon only sees the requests we actually want it to respond to? I suspect the latter, but would be interested in any URLs that would explain the semantics of how this works. Dru On Tue, 8 May 2001, Tim Erlin wrote: > I have a dual-homed host with one interface to DSL and > one internal, running NAT. I'd like to run Telnet > internally, but prevent it from being used via the > external interface. > > Is the best way to do this with ipfw, e.g. leave > Telnet running on both, but deny all incoming packets > on port 23 on the external interface? > > Is ipfw (or some firewall) the only way to limit which > service run on which interfaces? > > Thanks, as always. > > --Tim > > __________________________________________________ > Do You Yahoo!? > Yahoo! Auctions - buy the things you want at great prices > http://auctions.yahoo.com/ > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0105081800300.28912-100000>