msgbartop
A chronological documentation test project, nothing serious, really!
msgbarbottom

25 Oct 2007 Using TCP Wrappers to deny daemon access in specified hours

Posted by

By doing the following you can deny certain daemons to be available in specified hours by using hosts.allow and hosts.deny.

In my example I will be using the vsftpd daemon by adding

tcp_wrapper=YES

in /etc/vsftpd.conf.

Make sure that your private network has access all the time by adding this in /etc/hosts.allow

vsftpd: 192.168.0.

Enables access to the whole subnet.

Next you create a /etc/cron.d/vsftpd file

0 16 * * 1-5 root perl -i -p -e s/innhold//ig /etc/hosts.deny
0 8 * * 1-5 root echo "vsfdpt:ALL >> /etc/hosts.deny

Reload the cron daemon and you’re good to go.

The above example will deny all addresses, except those specified in hosts.allow, between 08:00 and 16:00 Monday to Friday and clear the block at other times.

Tags: ,

Comments are closed.