How can I log every login via telnet?
Chris
racerx at makeworld.com
Sun Apr 10 07:34:24 PDT 2005

Anthony Atkielski wrote:
> Sandy Rutherford writes:
> 
> 
>>See login.access(5) and login.conf(5).  Both provide this
>>functionality.
> 
> 
> I've tried this and I've obtained weird results.
> 
> Supposedly login stops at the first match in the login.access file.  So
> I used this:
> 
> +:ALL:console
> +:ALL:LOCAL
> +:xxx yyy:ALL EXCEPT 216.134.77.112 161.13.67.41
> -:ALL:ALL
> 
> The idea is to prohibit any logins from anywhere except the LAN and
> console for all users except xxx and yyy (and even for those two logins
> are not accepted from two specific IP addresses).  But as soon as I add
> the -:ALL:ALL at the end, logins are disallowed for everyone except xxx
> and yyy, even on the LAN, and even with ssh.  I'm perplexed.
> 
Anthony,
	If you are using ipfw, you could do something like this:
# Allow in only a few Telnet, SFTP, SSH, and SCP from public Internet
${fwcmd} add 090 pass log tcp from 161.13.67.41,216.134.77.112 to ${ip} 23 setup limit src-addr 5
What this does is allow the above mentioned in from the above mentioned 
IPs - THEN, only allows a connection of 5.
Something to think about if you run the firewall. To the rest of the 
outside, users will get dead space if they try to telnet in.
-- 
Best regards,
Chris
If opportunity came disguised as temptation,
one knock would be enough.
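
The first-match evaluation discussed in the quoted message, as an added example that is not part of the original thread and is not FreeBSD's code: a simplified Python model of the matching rules documented in login.access(5), run over the quoted table. Netgroup and group-name matching are omitted, and lists are split on whitespace only.

```python
# Added example: a simplified model of login.access(5) matching, not FreeBSD's code.
# Netgroups (@name) and group-name matching are left out.

RULES = """\
+:ALL:console
+:ALL:LOCAL
+:xxx yyy:ALL EXCEPT 216.134.77.112 161.13.67.41
-:ALL:ALL
"""  # the table quoted in the post


def origin_match(tok, origin):
    """Compare one origin token with a tty name, host name or address."""
    if tok == "ALL" or tok.lower() == origin.lower():
        return True
    if tok == "LOCAL":                      # any origin string without a dot
        return "." not in origin
    if tok.startswith("."):                 # domain suffix, e.g. .example.org
        return origin.lower().endswith(tok.lower())
    return tok.endswith(".") and origin.startswith(tok)   # network prefix


def user_match(tok, user):
    return tok == "ALL" or tok.lower() == user.lower()


def list_match(tokens, item, match):
    """'a b EXCEPT c d' matches when a or b matches and neither c nor d does."""
    cut = tokens.index("EXCEPT") if "EXCEPT" in tokens else len(tokens)
    head, rest = tokens[:cut], tokens[cut + 1:]
    if not any(match(t, item) for t in head):
        return False
    return not (rest and list_match(rest, item, match))


def login_allowed(rules, user, origin):
    """First matching line decides; no matching line means the login is allowed."""
    for line in rules.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        perm, users, origins = (f.strip() for f in line.split(":", 2))
        if (list_match(users.split(), user, user_match)
                and list_match(origins.split(), origin, origin_match)):
            return perm == "+"
    return True
```

In this model an origin given as a dotted address never matches LOCAL, so a call such as `login_allowed(RULES, "bob", "192.168.1.10")` (constructed user and LAN address) skips the first three lines and is decided by the final `-:ALL:ALL`.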