From owner-freebsd-questions@FreeBSD.ORG Wed Apr 27 22:40:01 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8338D16A4CE for ; Wed, 27 Apr 2005 22:40:01 +0000 (GMT) Received: from mail2.lmtribune.com (mail2.lmtribune.com [199.5.221.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3A85E43D39 for ; Wed, 27 Apr 2005 22:40:01 +0000 (GMT) (envelope-from jmciver@lmtribune.com) Received: from mail2.lmtribune.com (localhost.lmtribune.com [127.0.0.1]) 1C27714B for ; Wed, 27 Apr 2005 15:39:17 -0700 (PDT) Received: from mailpc.lmtribune.com (mailpc.lmtribune.com [192.168.135.152]) B3A6A147 for ; Wed, 27 Apr 2005 15:39:16 -0700 (PDT) Received: from ADV/SpoolDir by mailpc.lmtribune.com (Mercury 1.48); 27 Apr 05 15:41:31 -0800 Received: from SpoolDir by ADV (Mercury 1.48); 27 Apr 05 15:41:02 -0800 Received: from [192.168.135.90] (192.168.135.90) by mailpc.lmtribune.com (Mercury 1.48) with ESMTP; 27 Apr 05 15:41:00 -0800 Message-ID: <427014FC.4010304@lmtribune.com> Date: Wed, 27 Apr 2005 15:41:00 -0700 From: Jim McIver Organization: TPC Holdings User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-questions@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: hosts.allow X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Apr 2005 22:40:01 -0000 On a FreeBSD 4.10 server I'm trying to allow certain ip's ssh access to my server. In hosts.allow I have: sshd: 192.168. /etc/icanonips.hosts and in the icanonips.hosts file for the range of ips from 67.62.xxx.130 to 67.62.xxx.159 I have: sshd: 67.62.xxx.130/255.255.255.224 67.62.xxx.131/255.255.255.224 sshd: 67.62.xxx.132/255.255.255.224 67.62.xxx.133/255.255.255.224 sshd: 67.62.xxx.134/255.255.255.224 67.62.xxx.135/255.255.255.224 sshd: 67.62.xxx.136/255.255.255.224 67.62.xxx.137/255.255.255.224 sshd: 67.62.xxx.138/255.255.255.224 67.62.xxx.139/255.255.255.224 sshd: 67.62.xxx.140/255.255.255.224 67.62.xxx.141/255.255.255.224 sshd: 67.62.xxx.142/255.255.255.224 67.62.xxx.143/255.255.255.224 sshd: 67.62.xxx.144/255.255.255.224 67.62.xxx.145/255.255.255.224 sshd: 67.62.xxx.146/255.255.255.224 67.62.xxx.147/255.255.255.224 sshd: 67.62.xxx.148/255.255.255.224 67.62.xxx.149/255.255.255.224 sshd: 67.62.xxx.150/255.255.255.224 67.62.xxx.151/255.255.255.224 sshd: 67.62.xxx.152/255.255.255.224 67.62.xxx.153/255.255.255.224 sshd: 67.62.xxx.154/255.255.255.224 67.62.xxx.155/255.255.255.224 sshd: 67.62.xxx.156/255.255.255.224 67.62.xxx.157/255.255.255.224 sshd: 67.62.xxx.158/255.255.255.224 67.62.xxx.159/255.255.255.224 192.168 is my internal network(which works). It's just that the outside range of IP's don't work. I've replaced a portion of the real ip with xxx for this message. Basically, I'm not sure of the syntax when you use an external file. thx, -- -Jim McIver