02-23-2012
Quote:
I'm looking for a way to limit connections to a Solaris 10 box from any single IP.
Can you clarify more?
I would go for a little Linux box in between with iptables to do job of a robust Firewall rather than enabling Firewall on Solaris as that might blow up other things.
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi, I'm new to linux and unix, and i have couple of problems:
1) how can i limit the access for a user, for example, i created a user, and i want that this user will be able to be only in one directory, and will see only the files i want him to.
2) I have a domain name, and i want that every... (4 Replies)
Discussion started by: misha
4 Replies
2. Cybersecurity
I am migrating from 5.2 to 5.3 AIX. In previous versions of AIX, including 5.2, I've been able to limit user's logins to 1 by using the following script named Block_user:
#!/bin/ksh
USER=$1
NUM=`who | grep $USER | cut -c1-8 | wc -l`
#The above ' is not a single quote but back quote
if ]... (2 Replies)
Discussion started by: Confused_lulu
2 Replies
3. HP-UX
I have tried limiting failed logins to three by the following method
logins -ox \ | awk -F: '($8 != "LK" && $1 != "root") { print $1 }' \ | while read logname; do
/usr/lbin/modprpw -m umaxlntr=3 "$logname"
done
/usr/lbin/modprdef -m umaxlntr=3
but it is failing on the 4th... any ideas?... (1 Reply)
Discussion started by: csaunders
1 Replies
4. HP-UX
Hi,
I have searched the web and have come back with nothing that is satisfactory for what I require. SFTP is my corporations new file transfer standard. What I require is a method to lock down SFTP users to their directory (they may go to sub directories) while not restricting regular users. ... (2 Replies)
Discussion started by: Emancipator
2 Replies
5. Solaris
Hello,
Using a Solaris SunOS 5.10, is there anyway to limit the number of processors utilised by an external vendor application over the server, from the unix OS perspective? (1 Reply)
Discussion started by: pgop
1 Replies
6. Red Hat
Dear all,
Hope you are all fine & enjoying your good health.
Look at this equation
1+1+1=3
So simple I just want to say that I have three internet connections of 1mb, 1mb & 1mb but I can use only 1mb connection at a time & other two connections are useless for me. But now I want to make all... (0 Replies)
Discussion started by: saqlain.bashir
0 Replies
7. UNIX for Advanced & Expert Users
Hi,
I have a Debian 6 machine running Postfix 2.7.1. The email server works pretty well. I discovered that any non-root user can access to the mail queue using postqueue command just like root. How can I limit this access? (1 Reply)
Discussion started by: mjdousti
1 Replies
8. Shell Programming and Scripting
Greetings.
I have script to monitor the disk space of folder it runs every 17 min with help of cron. It sends email when disk size reaches to 85 %. Now the issue is that it continousely generates email until we clear some space in that folder. Is it possible to restrict the Script to send only... (14 Replies)
Discussion started by: manju98458
14 Replies
9. UNIX for Beginners Questions & Answers
#!/bin/bash
PH=(AD QD QC 5H 6C 8C 7D JH 3H 3S)
echo ${PH}
In the above array, how can I print to screen just the first 8 elements of ${PH} and have the last 2 elements print just below the first line starting underneath AD?
I need to do this in order to save terminal window spacing... (5 Replies)
Discussion started by: cogiz
5 Replies
Firewall mark classifier in tc(8) Linux Firewall mark classifier in tc(8)
NAME
fw - fwmark traffic control filter
SYNOPSIS
tc filter ... fw [ classid CLASSID ] [ action ACTION_SPEC ]
DESCRIPTION
the fw filter allows to classify packets based on a previously set fwmark by iptables. If it is identical to the filter's handle, the fil-
ter matches. iptables allows to mark single packets with the MARK target, or whole connections using CONNMARK. The benefit of using this
filter instead of doing the heavy-lifting with tc itself is that on one hand it might be convenient to keep packet filtering and classifi-
cation in one place, possibly having to match a packet just once, and on the other users familiar with iptables but not tc will have a less
hard time adding QoS to their setups.
OPTIONS
classid CLASSID
Push matching packets to the class identified by CLASSID.
action ACTION_SPEC
Apply an action from the generic actions framework on matching packets.
EXAMPLES
Take e.g. the following tc filter statement:
tc filter add ... handle 6 fw classid 1:1
will match if the packet's fwmark value is 6. This is a sample iptables statement marking packets coming in on eth0:
iptables -t mangle -A PREROUTING -i eth0 -j MARK --set-mark 6
SEE ALSO
tc(8), iptables(8), iptables-extensions(8)
iproute2 21 Oct 2015 Firewall mark classifier in tc(8)