is there anyscript to limit ip..


 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting is there anyscript to limit ip..
# 8  
Old 01-17-2002
I am not sure what your goal is in trying to restrict the ip addresses that a user can access. My first guess is that you can't for individual users without affecting many users.


If you are asking how to limit a user only to one file or one directory on a box, that would take a great deal of management on your part.

I am not sure you could limit them to one script or file or even one directory without affecting many other users at the same time.

If you allow them on the box, they will be able to go to any directory that has "read" access on the directory for world or group if they have the same group as the directory has.

If you are having that much difficulty with a user or users, you need to have a long talk with their boss or do as LivinFree suggests and kick them off your box until they learn to play well with others.

Unix requires a certain level of trust from users who have access to it on your box. You can't allow a user on your box and then clamp down on their access to the box.

That would be like closing the barn door after the horse is already outside, it doesn't work.

Smilie
# 9  
Old 01-18-2002
its very easy

i explain it manytimes mabe i explain it wrong but hard to understand what i`m looking for if you dont have a shell services provider!

we have problme realy with thos users who useing BNC Or even eggdrop,

look for this

our machine have 127.0.0.0/24 class ip the and we assing for the user 127.0.0.1 for example the user can change the ip at anytime he want , and use anyip from our class 127.0.0.0/24 ips. we want something stop him from doing that and only allow him to use what we only assing for him.




Hope u got me now
# 10  
Old 01-23-2002
Bug

you can do it using ipfw rules as the following:
say the login is big and the ip is 172.168.0.10
# for traffic in
ipfw add allow tcp from any to 172.168.0.10 in
# only login big can use the ip to outgoing traffic
ipfw add allow tcp from 172.168.0.10 to any out uid big
# for identd can access the IP to
ipfw add allow tcp from 172.168.0.10 to any out uid root
# then deny everyone else to use the IP via outgoing traffic
ipfw add deny tcp from 172.168.0.10 to any


Hope this helps

Smilie
# 11  
Old 01-24-2002
Great!!

Thanks first for this.

i think this gonna work fine with eggdrops users but not with bnc users, btw i have Class C ips+ . so u dont think its hard to block ip per ip?Smilie


Thanks
# 12  
Old 02-15-2002
Tools

Hello,
am having 2 Class C's and working fine , its just blocking the IP per user so other users/logins wont be able to use that IP which is blocked for the user.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Maxuproc and limit

// AIX 6.1 & Power 7 server I have maxuproc set to 16384. lsattr -El sys0 -a maxuproc maxuproc 16384 Maximum number of PROCESSES allowed per user True What is the maximum number of maxuproc we can go for? If I increase maxuproc to the higher number, what would be ramifications? I... (1 Reply)
Discussion started by: Daniel Gate
1 Replies

2. Solaris

ARG_MAX Limit

Hi, I can able to view the limit of ARG_MAX ENV variable using the command: getconf ARG_MAX can we modify the value of ARG_MAX somewhere or is that common value depending upon the version of kernel ? (1 Reply)
Discussion started by: penqueen
1 Replies

3. Solaris

Limit: stacksize: Can't remove limit

Hi all, I'm using to Solaris machine. When I run a simple script this messenger come out:"limit: stacksize: Can't remove limit". Any one know the way to resolve this problem without reboot the machine? Thanks in advance. (3 Replies)
Discussion started by: Diabolist9
3 Replies

4. Shell Programming and Scripting

Any limit on files

I am doing an ftp of around 1010 files and I am using mput for this. For some reason its only transferring 10 or 20 files and the rest are not getting transferred. There is some socket error in the log. is there an issue if we have more than 50 or so files for mput. here is the o/p in the log... (2 Replies)
Discussion started by: dsravan
2 Replies

5. Shell Programming and Scripting

How to limit output

hello, i'm trying to figure out a way to limit the output from an SQL query that is counting the number of occurances of a value in a field and the problem is when i run this query against a huge file with many unique values the output is pretty huge. Is there a way i can specifically LIMIT the... (2 Replies)
Discussion started by: bobk544
2 Replies

6. AIX

Limit logins to 1

Trying to limit 1 login per account... Setup: We have 2 auth logins, one to the AIX (telnet)then into a distribution mgmt software, the users do not have a shell to log into on the AIX itself, so placing a script such as: active=`who | awk '{printf",%s,\n",$1}' | grep ,$LOGNAME, | wc -l` ... (0 Replies)
Discussion started by: pheusion
0 Replies

7. SCO

limit telnet

Hello Every One. :D Can any 1 tell how to configure unix so that only specified IP's can connect to that machine using telnet. :rolleyes: I guess there is also sum stratgy to limit it by time. such as from 9 a.m to 5 p.m. :eek: This is imp 4 me. plz help Thanks Shaikh Naveed Islamabad.... (5 Replies)
Discussion started by: shaikh.naveed
5 Replies

8. UNIX for Dummies Questions & Answers

Directory limit

I'm setting up a file server for users. Does anyone know how I can limit each users directory to 500MB? -------------- Runing Solaris 8 (3 Replies)
Discussion started by: merlin
3 Replies

9. UNIX for Dummies Questions & Answers

Limit command

I have installed vnc on my computer but do not want every one to be able to incite a vncserver how can I limit users of the vncserver command to only a specifc group? (1 Reply)
Discussion started by: macdonto
1 Replies

10. UNIX for Advanced & Expert Users

group limit

hi, i have in my /etc/group an unix group full. i need to add new user in this group. users need to have the same gid and the same name... is it possible ? can i create a concatenation with an other group or something else ? thx (1 Reply)
Discussion started by: farzolito
1 Replies
Login or Register to Ask a Question