Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: ACL Deny for large IP Scope
Special Forums IP Networking ACL Deny for large IP Scope Post 302827077 by jim mcnamara on Thursday 27th of June 2013 10:33:03 PM
Old 06-27-2013
Do you mean something like:
Code:
acl allow_net src 192.168.0.1-192.168.0.254

acl all src 0.0.0.0/0.0.0.0

acl whitelist somedomain .google.com .mycompany.com

http_access allow whitelist allow_net
http_access deny all

This blocks everything except a few IP's and firewall devices/modems. Is this what you mean? However, may the UNIX gods help you maintaining an acl list of 7700 ip's manually. Answer to your question: yes it will block everything you want.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Telnet deny

Hi all I'm using an AIX 5 machine. I'm trying to telnet from this machine to another Aix machine. When I use the "root" user - Everything works. I can telnet successfully the other machine When I use another user but root - I can't telnet the machine: noah@logist:/home/noah>telnet aixtst... (2 Replies)
Discussion started by: sunbird
2 Replies

2. UNIX for Dummies Questions & Answers

ftp allow/deny list

OK, let see, i have a Tru64 Unix and need to know how the list of ftp users works and in /etc/ftpusers we have the unauthorized users but when we create a new user i want this users put automatic for deny access ..... where i set when creation of users action put automatic the user in that file?... (1 Reply)
Discussion started by: wbendek
1 Replies

3. Programming

scope

Each thread has a copy of auto variables within a function, but variables declared as static within a function are common to all threads. To circumvent this can static variables be placed outside the function. If so, will the scope of the variable be file only or will it be extern, and will each... (7 Replies)
Discussion started by: sundaresh
7 Replies

4. AIX

Deny root rlogin

Hi, I have to forbid root-logins on all my servers, expect from two machines, these 2 machines login with root without a password it was quite easy with ssh, but I have a problem regarding rsh/rlogin, an there are a lot of rsh jobs, so it would take a lot of time to change all this... (4 Replies)
Discussion started by: funksen
4 Replies

5. AIX

allow / deny root logins

Hello everyone I have to limit the root logins on my aix box (aix 5.3) I change the value on the /etc/security/user default (login and rlogin) change to false and add to root (rlogin and login = false) I tried in different ways but I got the same. Root still can login I try algo... (6 Replies)
Discussion started by: lo-lp-kl
6 Replies

6. UNIX for Dummies Questions & Answers

Hosts.deny entry

Hello I want to block individuals who attempt to use ssh to loggon to one of my machines from a certain IP address. I added the following entry in hosts.deny. Will the entry do what I want to do? ssh: 202.111.128.225 (3 Replies)
Discussion started by: mojoman
3 Replies

7. AIX

Does ACL can only grant/deny access for specific command?

Dear AIX/UNIX experts: I have a demand to restricted a file to be copy by others, but this file must can be read by others/Applications. As I tried, the chmod command cannot fulfill this requirement. But not sure if the ACL can achieve this function or not ? Could anybody give me your... (8 Replies)
Discussion started by: devyfong
8 Replies

8. AIX

Deny rsh,tn,or rlogin

Is there a way to deny access to a specific remote login option. example: usera--deny telnet access but keep rsh and rlogin userb--keeps telnet, rsh, and rlogin I'm basically trying to contol the access per services instead of changing the LOGIN REMOTELY(rsh,tn,rlogin) option to yes or no. (12 Replies)
Discussion started by: leemalloy
12 Replies

9. UNIX for Dummies Questions & Answers

Deny messages for a session

I do not want to be interrupted with any messages. How do I set my session to deny messages? (2 Replies)
Discussion started by: beelifter
2 Replies

10. UNIX for Dummies Questions & Answers

/etc/hosts.deny

Hi there, For /etc/hosts.deny was it used to deny access from the internet? (2 Replies)
Discussion started by: alvinoo
2 Replies

LEARN ABOUT DEBIAN

squid_radius_auth

squid_radius_auth(8)                                          System Manager's Manual                                         squid_radius_auth(8)

NAME

       squid_radius_auth - Squid RADIUS authentication helper

SYNOPSIS

       squid_radius_auth -f configfile
       squid_radius_auth -h "server" [-p port] [-i identifier] -w secret

DESCRIPTION

       This helper allows Squid to connect to a RADIUS server to validate the user name and password of Basic HTTP authentication.

       -f configfile
              Specifies the path to a configuration file. See the CONFIGURATION section for details.

       -h server
              Alternative method of specifying the server to connect to

       -p port
              Specify  another  server  port where the RADIUS server listens for requests if different from the default RADIUS port.  Normally not
              specified.

       -i identifier
              Unique identifier identifying this Squid proxy to the RADIUS server.  If not specified the IP address is used  as  to  identify  the
              proxy.

       -w secret
              Alternative method of specifying the shared secret. Using the configuration file is generally more secure and recommended.

       -t timeout
              RADIUS request timeout. Default 10 seconds.

CONFIGURATION

       The configuration specifies how the helper connects to RADIUS.  The file contains a list of directives (one per line). Lines beginning with
       a # is ignored.

       server radiusserver
              specifies the name or address of the RADIUS server to connect to.

       secret somesecretstring
              specifies the shared RADIUS secret.

       identifier nameofserver
              specifies what the proxy should identify itsels as to the RADIUS server.  This directive is optional.

       port portnumber
              Specifies the port number or service name where the helper should connect.

AUTHOR

       This manual page was written by Henrik Nordstrom <hno@squid-cache.org>

       squid_radius_auth is written by Marc van Selm <selm@cistron.nl> with contributions from Henrik  Nordstrom  <hno@squid-cache.org>  and  many
       others

QUESTIONS

       Any  questions on usage can be sent to Squid Users <squid-users@squid-cache.org>, or to your favorite RADIUS list/friend if the question is
       more related to RADIUS than Squid.

REPORTING BUGS

       Report bugs or bug-fixes to Squid Bugs <squid-bugs@squid-cache.org> or ideas for new improvements  to  Squid  Developers  <squid-dev@squid-
       cache.org>

SEE ALSO

       RFC2058 - Remote Authentication Dial In User Service (RADIUS)

Squid RADIUS Auth                                                  7 August 2004                                              squid_radius_auth(8)
All times are GMT -4. The time now is 05:58 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy