From: jekillen
To: freebsd-questions
Date: Fri, 19 May 2006 18:55:52 -0700
Subject: hosts.allow and ssh problem

Hello all;

I am trying to deny ftp access to my web site from outside. I have two NICs on the server and access it from the inside network via one and serve to the public on the other. I tried to write a rule in hosts.allow to deny ftp connections to the public IP address, which has worked. But a side effect is that I now cannot connect from local machines via ssh. I reverted back to 'ALL : all ; allow' to confirm that that was indeed why ssh started refusing connections, as it now will accept connections.
I even ssh'd to one machine and, while in that shell, ssh'd to the server and got into the server via another machine on the local network.

I am concerned because I have had repeated attempts to log in to the server over ftp from outside. I do all the development and posting from the local network, so there is no reason whatsoever for anyone from the outside to get ftp access to my site. How can I do this in hosts.allow?

A few nights ago I noticed odd activity on the router (LEDs going bananas), so I did tcpdump on the server and saw a great deal of ftp activity that didn't look right, from foreign addresses. I shut the web server and the secondary DNS server down while I dug through Absolute FreeBSD to get some direction.

I can live with ssh refusing local connections, but I don't think it should be that way.

Thanks in advance;
JK