> I'd do this with a series of CGIs, that add/remove records to/from the
> hosts.allow and hosts.deny files (and kill -HUP inetd or whatever after a
> change).
> This'll be much more configurable than doing it at the ipchains level. For
> a start, you'll be able to send a 'Sorry, access denied' message instead
> of just rejecting the connection. man 5 hosts_access; man inetd.
>

Doesn't inetd.conf only cover things like telnet and other services?
Unless you are trying to selectively block those services, then it's not what
you're after.
Don't forget that he is trying to block packets flowing through the box, not
coming to its inetd-controlled services. ipchains atm is the most popular
way of doing this.

dave



-- 
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug