특정 IP만 서버에 접근 가능하게 하는 방법 #1

1. hosts.allow 에 접근 가능한 IP를 삽입한다.

[root@localhost ~]# vi /etc/hosts.allow
#
# hosts.allow   This file describes the names of the hosts which are
#               allowed to use the local INET services, as decided
#               by the '/usr/sbin/tcpd' server.
#

sshd:192.168.226.10

위와 같이 추가하면 192.168.226.10 의 IP 만 서버에 SSH로 접근이 가능하다.



2. hosts.deny 에 allow 에서 추가한 IP를 제외하고 접근을 못하는 문구를 삽입한다.

[root@localhost ~]# vi /etc/hosts.deny
#
# hosts.deny    This file describes the names of the hosts which are
#               *not* allowed to use the local INET services, as decided
#               by the '/usr/sbin/tcpd' server.
#
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow.  In particular
# you should know that NFS uses portmap!

sshd:ALL

위와 같이 sshd:ALL 의 문구를 삽입한다.



3. 네트워크 서비스를 재시작하여, 설정을 변경하게 적용시킨다.

[root@localhost ~]# /etc/rc.d/init.d/network restart
Shutting down interface eth0:                              [  OK  ]
Shutting down loopback interface:                          [  OK  ]
Bringing up loopback interface:                            [  OK  ]
Bringing up interface eth0: 
Determining IP information for eth0... done.
                                                           [  OK  ]
[root@localhost ~]#