Do you mean something like:
This blocks everything except a few IP's and firewall devices/modems. Is this what you mean? However, may the UNIX gods help you maintaining an acl list of 7700 ip's manually. Answer to your question: yes it will block everything you want.
Hi all
I'm using an AIX 5 machine.
I'm trying to telnet from this machine to another Aix machine.
When I use the "root" user - Everything works.
I can telnet successfully the other machine
When I use another user but root - I can't telnet the machine:
noah@logist:/home/noah>telnet aixtst... (2 Replies)
OK, let see, i have a Tru64 Unix and need to know how the list of ftp users works and in /etc/ftpusers we have the unauthorized users but when we create a new user i want this users put automatic for deny access .....
where i set when creation of users action put automatic the user in that file?... (1 Reply)
Each thread has a copy of auto variables within a function, but variables
declared as static within a function are common to all threads. To circumvent
this can static variables be placed outside the function. If so, will the
scope of the variable be file only or will it be extern, and will each... (7 Replies)
Hi,
I have to forbid root-logins on all my servers, expect from two machines, these 2 machines login with root without a password
it was quite easy with ssh, but I have a problem regarding rsh/rlogin, an there
are a lot of rsh jobs, so it would take a lot of time to change all this... (4 Replies)
Hello everyone
I have to limit the root logins on my aix box (aix 5.3)
I change the value on the /etc/security/user
default (login and rlogin) change to false
and add to root (rlogin and login = false)
I tried in different ways but I got the same.
Root still can login
I try algo... (6 Replies)
Hello I want to block individuals who attempt to use ssh to loggon to one of my machines from a certain IP address. I added the following entry in hosts.deny. Will the entry do what I want to do?
ssh: 202.111.128.225 (3 Replies)
Dear AIX/UNIX experts:
I have a demand to restricted a file to be copy by others, but this file must can be read by others/Applications.
As I tried, the chmod command cannot fulfill this requirement. But not sure if the ACL can achieve this function or not ?
Could anybody give me your... (8 Replies)
Is there a way to deny access to a specific remote login option.
example:
usera--deny telnet access but keep rsh and rlogin
userb--keeps telnet, rsh, and rlogin
I'm basically trying to contol the access per services instead of changing the LOGIN REMOTELY(rsh,tn,rlogin) option to yes or no. (12 Replies)
Hi there,
For /etc/hosts.deny was it used to deny access from the internet? (2 Replies)
Discussion started by: alvinoo
2 Replies
LEARN ABOUT CENTOS
acl_copy_ext
ACL_COPY_EXT(3) BSD Library Functions Manual ACL_COPY_EXT(3)NAME
acl_copy_ext -- copy an ACL from internal to external representation
LIBRARY
Linux Access Control Lists library (libacl, -lacl).
SYNOPSIS
#include <sys/types.h>
#include <sys/acl.h>
ssize_t
acl_copy_ext(void *buf_p, acl_t acl, ssize_t size);
DESCRIPTION
The acl_copy_ext() function copies the ACL pointed to by acl from system-managed space to the user managed space pointed to by buf_p. The
size parameter represents the size in bytes of the buffer pointed to by buf_p. The format of the ACL placed in the buffer pointed to by
buf_p is a contiguous, persistent data item, the format of which is unspecified. It is the responsibility of the invoker to allocate an area
large enough to hold the copied ACL. The size of the exportable, contiguous, persistent form of the ACL may be obtained by invoking the
acl_size() function.
Any ACL entry descriptors that refer to an entry in the ACL referenced by acl continue to refer to those entries. Any existing ACL pointers
that refer to the ACL referenced by acl continue to refer to the ACL.
RETURN VALUE
Upon success, this function returns the number of bytes placed in the buffer pointed to by buf_p. On error, a value of (ssize_t)-1 is
returned and errno is set appropriately.
ERRORS
If any of the following conditions occur, the acl_copy_ext() function returns a value of (ssize_t)-1 and sets errno to the corresponding
value:
[EINVAL] The size parameter is zero or negative.
The argument acl is not a valid pointer to an ACL.
The ACL referenced by acl contains one or more improperly formed ACL entries, or for some other reason cannot be trans-
lated into the external form of an ACL.
[ERANGE] The size parameter is greater than zero but smaller than the length of the contiguous, persistent form of the ACL.
STANDARDS
IEEE Std 1003.1e draft 17 ("POSIX.1e", abandoned)
SEE ALSO acl_copy_int(3), acl_size(3), acl(5)AUTHOR
Derived from the FreeBSD manual pages written by Robert N M Watson <rwatson@FreeBSD.org>, and adapted for Linux by Andreas Gruenbacher
<a.gruenbacher@bestbits.at>.
Linux ACL March 23, 2002 Linux ACL