Greg Cox wrote:
Rather than write a ruleset for each individual possible origination ip - Can I add a single rule that says allow ssh from any ip within the ncsu.edu domain? ie. engr01ras-linux.eos.ncsu.edu and engr06ras.eos.ncsu.edu. would both match.
1) Allow all ssh traffic, then use hosts.allow to restrict it.
2) iptable it to 152.1.0.0/16
$ host engr06ras.eos.ncsu.edu engr06ras.eos.ncsu.edu has address 152.1.68.201 $ lynx -source http://ws.arin.net/cgi-bin/whois.pl?queryinput=152.1.68.201|grep CIDR CIDR: 152.1.0.0/16
-- ----------------------------------------------------------------- [EMAIL PROTECTED]: Earth is a beta site, I just wish that damn pink elephant would give me my mouse back. -----------------------------------------------------------------
-- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
