Using Commands in the ftphosts File to Allow or Deny FTP Server ConnectionThe purpose of the ftphosts file is to allow or deny specific users or addresses from connecting to the FTP server. The format of the file is the word allow or deny, optionally followed by a username, followed by an IP or a DNS address. allow username address deny username address Listing 24.4 shows a sample configuration of this file. Listing 24.4. ftphosts Configuration File for Allowing or Denying Users
The * is a wildcard that matches any combination of that address. For example, allow tdc *.exodous.net allows the user tdc to log in to the FTP server from any address that contains the domain name exodous.net. Similarly, the anonymous user is not allowed to access the FTP if he is coming from a 201 public class C IP address. Changes made to your system's FTP server configuration files become active only after you restart xinetd because configuration files are parsed only at startup. To restart xinetd as root, issue the command /etc/rc.d/init.d/xinetd restart. This makes a call to the same shell script that is called at system startup and shutdown for any runlevel to start or stop the xinet daemon. xinetd should report its status as # /etc/rc.d/init.d/xinetd restart Stopping xinetd: [ OK ] Starting xinetd: [ OK ] When the FTP server restarts, it is accessible to all incoming requests. |