/var/adm/inetd.sec 파일에 접근을 허용하거나 거부 할 IP를 입력하면 되는데 파일이 없는 경우에는 생성을 하면 된다.
아래와 같이 vi 에디터를 이용하여 inetd.sec를 실행 한 모습을 볼 수 있다.
[rx2600-1:/]vi /var/adm/inetd.sec
# @(#)B11.23_LRinetd.sec $Revision: 1.10.214.1 $ $Date: 96/10/08 13:20:06 $
#
#
# The lines in the file contain a service name, permission field and
# the Internet addresses or names of the hosts and/or networks
# allowed to use that service in the local machine.
# The form for each entry in this file is:
#
# <service name> <allow/deny> <host/network addresses, host/network names>
#
# For example:
#
# login allow 10.3-5 192.34.56.5 ahost anetwork
#
# The above entry allows the following hosts to attempt to access your system
# using rlogin:
# hosts in subnets 3 through 5 in network 10,
# the host with Internet Address of 192.34.56.5,
# the host by the name of "ahost",
# all the hosts in the network "anetwork"
#
# mountd deny 192.23.4.3
#
#
# The mountd entry denies host 192.23.4.3 access to the NFS rpc.mountd
# server.
#
# Hosts and network names must be official names, not aliases.
# See the inetd.sec(4) manual page for more information.
dtspc allow 127.0.0.1 loopback rx2600-1 test
허용하거나 거부할 목록을 아래와 같이 추가하면 된다.
# @(#)B11.23_LRinetd.sec $Revision: 1.10.214.1 $ $Date: 96/10/08 13:20:06 $
#
#
# The lines in the file contain a service name, permission field and
# the Internet addresses or names of the hosts and/or networks
# allowed to use that service in the local machine.
# The form for each entry in this file is:
#
# <service name> <allow/deny> <host/network addresses, host/network names>
#
# For example:
#
# login allow 10.3-5 192.34.56.5 ahost anetwork
#
# The above entry allows the following hosts to attempt to access your system
# using rlogin:
# hosts in subnets 3 through 5 in network 10,
# the host with Internet Address of 192.34.56.5,
# the host by the name of "ahost",
# all the hosts in the network "anetwork"
#
# mountd deny 192.23.4.3
#
#
# The mountd entry denies host 192.23.4.3 access to the NFS rpc.mountd
# server.
#
# Hosts and network names must be official names, not aliases.
# See the inetd.sec(4) manual page for more information.
dtspc allow 127.0.0.1 loopback rx2600-1 test
telnet deny 192.168.100.100
telnet allow 192.168.200.100
위에서 192.168.100.100 은 접근을 거부 하는 것이고, 192.168.200.100 은 접근을 허용하는 것이다.
실행하는 방법은 아래와 같다.
[rx2600-1:/]/sbin/init.d/inetd start
멈추는 방법은 아래와 같다.
[rx2600-1:/]/sbin/init.d/inetd stop
아래와 같이 vi 에디터를 이용하여 inetd.sec를 실행 한 모습을 볼 수 있다.
[rx2600-1:/]vi /var/adm/inetd.sec
# @(#)B11.23_LRinetd.sec $Revision: 1.10.214.1 $ $Date: 96/10/08 13:20:06 $
#
#
# The lines in the file contain a service name, permission field and
# the Internet addresses or names of the hosts and/or networks
# allowed to use that service in the local machine.
# The form for each entry in this file is:
#
# <service name> <allow/deny> <host/network addresses, host/network names>
#
# For example:
#
# login allow 10.3-5 192.34.56.5 ahost anetwork
#
# The above entry allows the following hosts to attempt to access your system
# using rlogin:
# hosts in subnets 3 through 5 in network 10,
# the host with Internet Address of 192.34.56.5,
# the host by the name of "ahost",
# all the hosts in the network "anetwork"
#
# mountd deny 192.23.4.3
#
#
# The mountd entry denies host 192.23.4.3 access to the NFS rpc.mountd
# server.
#
# Hosts and network names must be official names, not aliases.
# See the inetd.sec(4) manual page for more information.
dtspc allow 127.0.0.1 loopback rx2600-1 test
허용하거나 거부할 목록을 아래와 같이 추가하면 된다.
# @(#)B11.23_LRinetd.sec $Revision: 1.10.214.1 $ $Date: 96/10/08 13:20:06 $
#
#
# The lines in the file contain a service name, permission field and
# the Internet addresses or names of the hosts and/or networks
# allowed to use that service in the local machine.
# The form for each entry in this file is:
#
# <service name> <allow/deny> <host/network addresses, host/network names>
#
# For example:
#
# login allow 10.3-5 192.34.56.5 ahost anetwork
#
# The above entry allows the following hosts to attempt to access your system
# using rlogin:
# hosts in subnets 3 through 5 in network 10,
# the host with Internet Address of 192.34.56.5,
# the host by the name of "ahost",
# all the hosts in the network "anetwork"
#
# mountd deny 192.23.4.3
#
#
# The mountd entry denies host 192.23.4.3 access to the NFS rpc.mountd
# server.
#
# Hosts and network names must be official names, not aliases.
# See the inetd.sec(4) manual page for more information.
dtspc allow 127.0.0.1 loopback rx2600-1 test
telnet deny 192.168.100.100
telnet allow 192.168.200.100
위에서 192.168.100.100 은 접근을 거부 하는 것이고, 192.168.200.100 은 접근을 허용하는 것이다.
실행하는 방법은 아래와 같다.
[rx2600-1:/]/sbin/init.d/inetd start
멈추는 방법은 아래와 같다.
[rx2600-1:/]/sbin/init.d/inetd stop
쭈꾸댕이
아직 어설픈 실력으로 나름 제가 하는 것에 대한 것들을 옮기는 공간입니다. 틀린 부분도 있을 수 있으니 이 점 양해하시고, 도움이 되셨으면 좋겠네요.
