Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 2 Jun 2001 20:43:16 -0600 (CST)
From:      Ryan Thompson <ryan@sasknow.com>
To:        andy t <g_et1@hotmail.com>
Cc:        questions@FreeBSD.ORG
Subject:   Re: question
Message-ID:  <Pine.BSF.4.21.0106022038590.5178-100000@ren.sasknow.com>
In-Reply-To: <F229kNzPZrIkyPzGNso00009b61@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
andy t wrote to questions@FreeBSD.ORG:

> Hi,
> 
> how to make a private IP/host ?
> 
> example:
> 
> my machine has 3 ips:
> 
> -. 1.1.1.1
> -. 1.1.1.2
> -. 1.1.1.3
> 
> any user has access to use these ips. how to make ip number 1.1.1.1
> restricted so that only username "test" has access to use this ip, the
> other user has no access to use ip "1.1.1.1"

Hmm. This is a bit tricky. ipfw(8) will allow you to restrict by username.
Assuming "test" has uid 1000, a pair of rules like the following might 
do it, although I've never tried this:

	allow ip from any to 1.1.1.1 uid 1000
	allow ip from 1.1.1.1 to any uid 1000

This assumes that you use IPFW in a default deny state. 

If this doesn't help you, perhaps you could give us more detail of your
question? Exactly what is the scenario? What are you trying to permit?
What do you want to deny? Is this user "test" on the local machine, or are
you trying to restrict shell, FTP, or some other type of remote access? My
above solution is general, but obscure. There are much better ways to
secure things like FTP.

> Thank you,
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
> 

-- 
  Ryan Thompson <ryan@sasknow.com>
  Network Administrator, Accounts

  SaskNow Technologies - http://www.sasknow.com
  #106-380 3120 8th St E - Saskatoon, SK - S7H 0W2

        Tel: 306-664-3600   Fax: 306-664-1161   Saskatoon
  Toll-Free: 877-727-5669     (877-SASKNOW)     North America


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0106022038590.5178-100000>