If you are using xinetd to manage tftp, then you can also let tftp handle
the access controls with something like

only_from = 192.168.1.0/24

to allow connections from 192.168.1.whatever. With xinetd you can also
specify things like what times connections are allowed and how many
concurrent requests are allowed. While xinetd does use tcpwrappers
/etc/hosts.[allow|deny] to filter connections, you won't get the full
benefits from it until you start working directly with xinetd.conf.

Jeff

On Thu, 29 Aug 2002, MonMotha wrote:

> Warren Togami wrote:
> ...
> >
> > However, why don't you use TCP wrappers and only allow access to the
> > tftpd port from your local subnet? I think iptables can do this too.
> >
>
> TCP wrappers probably won't work (unless they can do UDP also). TFTP is
> run on UDP/69. IPtables, being a packet filter, can of course filter
> this. Example:
>
> iptables -A INPUT -p udp --dport 69 -s localnetwork -j ACCEPT
> iptables -A INPUT -p udp --dport 69 -j REJECT
>
> will allow TFTP from your local network, but then reject it from
> anywhere else.
>
> --MonMotha
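
An added example, not part of the original thread: the xinetd controls Jeff describes (source restriction, allowed times, request limits) written out as a service stanza. The file location, server path, /tftpboot directory, time window and limit values are assumptions for illustration.

```conf
# /etc/xinetd.d/tftp (assumed location; values below are illustrative)
service tftp
{
    disable         = no
    socket_type     = dgram
    protocol        = udp
    wait            = yes
    user            = root
    # Assumed server binary and served directory
    server          = /usr/sbin/in.tftpd
    server_args     = -s /tftpboot

    # Accept requests only from the local subnet named in the message
    only_from       = 192.168.1.0/24

    # Refuse requests outside this window (assumed hours)
    access_times    = 08:00-18:00

    # Cap simultaneous service instances per source address (assumed value)
    per_source      = 11

    # Rate limit: at most 100 incoming requests per second, then
    # disable the service for 2 seconds (assumed values)
    cps             = 100 2

    # Record the remote host for every refused request
    log_on_failure  += HOST
}
```

xinetd has to reload its configuration before the stanza takes effect, and the two iptables rules quoted above can stay in place as a second layer in front of it.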
