From owner-freebsd-questions Fri Sep 14 15:31:46 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mailsrv.otenet.gr (mailsrv.otenet.gr [195.170.0.5]) by hub.freebsd.org (Postfix) with ESMTP id 3064B37B401 for ; Fri, 14 Sep 2001 15:31:43 -0700 (PDT) Received: from hades.hell.gr (patr530-a054.otenet.gr [212.205.215.54]) by mailsrv.otenet.gr (8.11.5/8.11.5) with ESMTP id f8EMVCd12932; Sat, 15 Sep 2001 01:31:18 +0300 (EEST) Received: (from charon@localhost) by hades.hell.gr (8.11.6/8.11.6) id f8EMVHu42402; Sat, 15 Sep 2001 01:31:17 +0300 (EEST) (envelope-from charon@labs.gr) Date: Sat, 15 Sep 2001 01:31:17 +0300 From: Giorgos Keramidas To: Mark Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Restricting Ports to local access? Message-ID: <20010915013116.B37616@hades.hell.gr> References: <000001c13d5e$e443e700$0200000a@redmond.corp.microsoft.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <000001c13d5e$e443e700$0200000a@redmond.corp.microsoft.com>; from mw@lanfear.com on Fri, Sep 14, 2001 at 01:50:30PM -0700 X-PGP-Fingerprint: 3A 75 52 EB F1 58 56 0D - C5 B8 21 B6 1B 5E 4A C2 X-URL: http://students.ceid.upatras.gr/~keramida/index.html Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Mark wrote: > > Is there any way to restrict a port to have local access only > (i.e. if you're running a shell or tunnelling in through SSH) but not be > accessible to machines outside on the net? > > [motivation: I'd like to force POP3 clients to tunnel in using > SSH] You can use tcp_wrappers or a firewall to block access to everyone except for localhost to these ports. Then your users will have to use ssh tunnels and connect to 127.0.0.1:110 to get to the popper. -giorgos To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message