Date: Fri, 12 Oct 2001 14:31:25 -0400 From: Simon Perkins <code@brained.org> To: Alson van der Meulen <alm@flutnet.org> Cc: freebsd-questions@freebsd.org Subject: Re: How to protect binding to interface ? Message-ID: <20011012143125.G4157@brained.org> In-Reply-To: <20011012143031.B21997@md2.mediadesign.nl>; from alm@flutnet.org on Fri, Oct 12, 2001 at 02:30:31PM %2B0200 References: <20011010214156.B27378@brained.org> <20011012143031.B21997@md2.mediadesign.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Fri, Oct 12, 2001 at 02:30:31PM +0200, Alson van der Meulen wrote: > On Wed, Oct 10, 2001 at 09:41:56PM -0400, Simon Perkins wrote: > > Hi, > > > > I am learning freeBSD and wanted to know if there is any means in > > freeBSD to prevent non-root users to bind to public interfaces or > > maybe something which even makes the public network interfaces > > invisible to them. Can anybody point me in right direction ? > try something like: > allow tcp from any to any in via fxp0 setup uid root > reset tcp from any to any in via fxp0 setup > (where fxp0 is your public interface) > I think that is a workable solution. I think I stated my question wrongly. What I need is *remote* users not to see public interfaces (bind to them). I think the solution is to forward ssh connection to internal host on private network. Am I going in right direction ? -S [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (OpenBSD) Comment: For info see http://www.gnupg.org iD8DBQE7xzb8QLIkk4YsfGgRApBnAKCOmCf14JjbFhALBgZ9GqLYl7kAVgCdFLRR 960HEqdvRMEUJBERlw3mVH0= =nkOX -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011012143125.G4157>