Linux FTP and Xinetd sample FTP xinetd.conf Access Controls

Xinetd.conf Access Control

  # default : off

  # IMAP service allows remote

  # users to access their mail using

  # an IMAP client such as Mutt, Pine

  # fetchmail, or Netscape


  service imap

  {

   socket_type  = stream

   wait  = no

   user  = root

   server  = /usr/sbin/imapd

   log_on_success += DURATION USERID

   log_on_failure += USERID

   disable  = no

   only_from  = 172.16.12.0

   no_access  = 172.16.12.231

   server  = /usr/sbin/in.rlogind

  }


Note :


only_from 

   this attribute identifies the hosts that are allowed to connect to the server.   

   Host can be defined using following:

    • a numeric address, ex.: 172.16.12.5 (single host) or 129.6.0.0 ( all host with an address that begins with 129.6. )
    • an address scope, ex.: 172.16.12.{3,6,8,23}
    • a network name, the network name must be defined in the /etc/networks file
    • a canonical hostname, the IP address provided by the remote system must reverse-map to this hostname
    • a domain name, the hostname returned by the reverse lookup must be in the specified domain.   ex.: .foobirds.org requires a host in the foobirds.org domain.   Note that when a domain name is used, it must starts with a dot.
    • IP with address mask, an IP address with an associated address mask, ex.: 172.16.12.128/255.255.255.0

no_access 

   this attribute defines the hosts that are denied access to the service.   

   Host are defined using exactly the same methods are those described previously for the only_from attribute

access_times 

   this attribute defines the time of day a service is available, in the form hour: min - hour: min.