Block port for all except for one specific ip in Solaris11.4
Hi,
I need to block ssh port 22 from all the servers except one server ip.
Until solaris11.3 and below, I used to do like below(under /etc/ipf/ipf.conf),and it's working fine
But I tried almost same in 11.4 like below(under /etc/firewall/pf.conf), It's not working
Where am I doing wrong here?
Hello All
I am running redhat linux 7.2 and would like to know how i can block telnetting to a specified port .
say for example i would like to block telnet acesses to port 80.
regards
Xiamin (5 Replies)
Hi,
Anyone know how I can log all input - when a user logs in to a specific port number ie if user telnet to port specifically telnet 0 4800
I want to log all input that the user inputs..
Is this possible??
Is the sun solaris forum the correct forum or should this perhaps go... (10 Replies)
H,
I want to know the ip of the devices connected to a specific port.
Suppose 2 s/m's are connected to port 3092. I want to get the ip of those system's .
how do i get it? (1 Reply)
Hi all,
I have a problem. I have machine names and their IP addresses in /etc/hosts file. My application does telnet on that machine host name. The application does not uses IP address for tenet. It will fetch the host name from /etc/hosts file.
Now the telnet server runs on customized port.... (6 Replies)
Dear members,
My release is open Solaris b103
1- How to know the opening port in my system
2- How to open a specific port like port number 53
3- How to closed the specific port like port number 53
Your feedback highly appreciated (10 Replies)
Hi All,
Can anyone let me know that how to open a specific port in Solaris 10. I just wanted to know if there are some certain commands to open a port (like ftp, telnet).
It would be also better if someone can tell me if there is another firewall service in Solaris 10 except ipfilter.
... (6 Replies)
Hi,
I've been looking for a few hours now, reading various docs and man pages, but the info I found so far is either not what I was looking for or I just don't get how to do the thing I need....
So, my "problems" is that I have a server running on a specific port and I need to shape traffic... (2 Replies)
I have a script that runs right before a daily reboot that captures the amount of MB transmitted up and pulled down since last reboot.
echo `date +"%m-%d-%y"``grep eth0 /proc/net/dev | awk '{print ","$2/1024/1024","$10/1024/1024}'`>>/home/nick/bandwidth.logIn looking at the raw output of... (1 Reply)
I need to search for a block with the starting pattern say
"tabId": "table_1", and ending pattern say "]"
and then add a few lines before "]"
"block1":"block_111"
"tabId": "table_1",
"title":"My title"
.....
....
}]
how do I achieve it using awk and sed.
Thanks,
Lakshmi (3 Replies)
Hello again people,
I currently searching for a code/script that will allow it to check if a specific port is open, lets say 123. Found a public script on a ftp but I dont know how and what to modify in it to suit my needs. (I think this is a evil code and I want to use it as an example).
... (3 Replies)
Discussion started by: galford
3 Replies
LEARN ABOUT OSX
net::server::proto::ssl
Net::Server::Proto::SSL(3) User Contributed Perl Documentation Net::Server::Proto::SSL(3)NAME
Net::Server::Proto::SSL - Net::Server SSL protocol.
SYNOPSIS
Until this release, it was preferrable to use the Net::Server::Proto::SSLEAY module. Recent versions include code that overcomes original
limitations.
See Net::Server::Proto. See Net::Server::Proto::SSLEAY.
use base qw(Net::Server::HTTP);
main->run(
proto => 'ssl',
SSL_key_file => "/path/to/my/file.key",
SSL_cert_file => "/path/to/my/file.crt",
);
# OR
sub SSL_key_file { "/path/to/my/file.key" }
sub SSL_cert_file { "/path/to/my/file.crt" }
main->run(proto = 'ssl');
# OR
main->run(
port => [443, 8443, "80/tcp"], # bind to two ssl ports and one tcp
proto => "ssl", # use ssl as the default
ipv => "*", # bind both IPv4 and IPv6 interfaces
SSL_key_file => "/path/to/my/file.key",
SSL_cert_file => "/path/to/my/file.crt",
);
# OR
main->run(port => [{
port => "443",
proto => "ssl",
# ipv => 4, # default - only do IPv4
SSL_key_file => "/path/to/my/file.key",
SSL_cert_file => "/path/to/my/file.crt",
}, {
port => "8443",
proto => "ssl",
ipv => "*", # IPv4 and IPv6
SSL_key_file => "/path/to/my/file2.key", # separate key
SSL_cert_file => "/path/to/my/file2.crt", # separate cert
SSL_foo => 1, # Any key prefixed with SSL_ passed as a port hashref
# key/value will automatically be passed to IO::Socket::SSL
}]);
DESCRIPTION
Protocol module for Net::Server based on IO::Socket::SSL. This module implements a secure socket layer over tcp (also known as SSL) via
the IO::Socket::SSL module. If this module does not work in your situation, please also consider using the SSLEAY protocol
(Net::Server::Proto::SSLEAY) which interfaces directly with Net::SSLeay. See Net::Server::Proto.
If you know that your server will only need IPv4 (which is the default for Net::Server), you can load IO::Socket::SSL in inet4 mode which
will prevent it from using Socket6 and IO::Socket::INET6 since they would represent additional and unsued overhead.
use IO::Socket::SSL qw(inet4);
use base qw(Net::Server::Fork);
__PACKAGE__->run(proto => "ssl");
PARAMETERS
In addition to the normal Net::Server parameters, any of the SSL parameters from IO::Socket::SSL may also be specified. See
IO::Socket::SSL for information on setting this up. All arguments prefixed with SSL_ will be passed to the IO::Socket::SSL->configure
method.
BUGS
Until version Net::Server version 2, Net::Server::Proto::SSL used the default IO::Socket::SSL::accept method. This old approach introduces
a DDOS vulnerability into the server, where the socket is accepted, but the parent server then has to block until the client negotiates the
SSL connection. This has now been overcome by overriding the accept method and accepting the SSL negotiation after the parent socket has
had the chance to go back to listening.
LICENCE
Distributed under the same terms as Net::Server
THANKS
Thanks to Vadim for pointing out the IO::Socket::SSL accept was returning objects blessed into the wrong class.
perl v5.16.2 2012-05-29 Net::Server::Proto::SSL(3)