The CMS security script creates the following files:
/etc/hosts.allow
/etc/hosts.deny
You can edit these files to control which IP addresses are allowed or denied access to a CMS server.
This document does not replace official RHEL documentation for editing and usage of the /etc/hosts.allow and /etc/hosts.deny files. CMS implements the standard use of these files within RHEL. For more information, see RHEL documentation.
The following table has some examples of entries that could be added to the /etc/hosts.allow file to restrict access to CMS. These examples are provided to give you an idea of what is possible.
Example setting |
Explanation of use |
in.telnetd : 10.8.10.0/255.255.255.0 |
This setting allows telnet connections from all IP addresses from 10.8.10.1 to 10.8.10.255. |
sshd : 10.0.0.0/255.0.0.0 |
This setting allows ssh connections from all IP addresses from 10.0.0.1 to 10.255.255.255. |
in.rshd: 10.8.31.100 10.8.31.55 |
This setting allows connections from IP addresses 10.8.31.100 and 10.8.31.55. |
