https://community.hpe.com/t5/operating-system-hp-ux/ftpd-question/m-p/2836058#M581422 yes, you can block it with /var/adm/inetd.sec<BR />see man inetd.sec With this you can block a server for an IP or range of IP's (eg. block ftpd for an IP)<BR /> Wed, 30 Oct 2002 14:56:38 GMT Stefan Farrelly 2002-10-30T14:56:38Z https://community.hpe.com/t5/operating-system-hp-ux/ftpd-question/m-p/2836056#M581420 Hi,<BR />i need to deny remote ftp acces to a particular user.<BR />That is the only opertione that user can do is like this<BR />ftp 127.0.0.1<BR /><BR />while <BR />ftp host_name <BR />from remote host must be refused.<BR /><BR />Is it possible?<BR /><BR />Thank you<BR />Luca<BR /><BR />p.s.: An entry in ftpusers deny access also from local host. Wed, 30 Oct 2002 14:49:07 GMT https://community.hpe.com/t5/operating-system-hp-ux/ftpd-question/m-p/2836056#M581420 Luca Rasconi 2002-10-30T14:49:07Z https://community.hpe.com/t5/operating-system-hp-ux/ftpd-question/m-p/2836057#M581421 You can use the /var/adm/inetd.sec file to specify what ip address can use ftp.<BR />ftp allow xxx.xxx.* Wed, 30 Oct 2002 14:50:05 GMT https://community.hpe.com/t5/operating-system-hp-ux/ftpd-question/m-p/2836057#M581421 Ken Hubnik_2 2002-10-30T14:50:05Z https://community.hpe.com/t5/operating-system-hp-ux/ftpd-question/m-p/2836058#M581422 yes, you can block it with /var/adm/inetd.sec<BR />see man inetd.sec With this you can block a server for an IP or range of IP's (eg. block ftpd for an IP)<BR /> Wed, 30 Oct 2002 14:56:38 GMT https://community.hpe.com/t5/operating-system-hp-ux/ftpd-question/m-p/2836058#M581422 Stefan Farrelly 2002-10-30T14:56:38Z https://community.hpe.com/t5/operating-system-hp-ux/ftpd-question/m-p/2836059#M581423 yes, you can block it with /var/adm/inetd.sec<BR />see man inetd.sec With this you can block a service for an IP or range of IP's (eg. block ftpd for an IP)<BR /> Wed, 30 Oct 2002 14:57:09 GMT https://community.hpe.com/t5/operating-system-hp-ux/ftpd-question/m-p/2836059#M581423 Stefan Farrelly 2002-10-30T14:57:09Z https://community.hpe.com/t5/operating-system-hp-ux/ftpd-question/m-p/2836060#M581424 Sorry, I try to explain better:<BR />there 3 ftp user (they can make only ftp connections), and I need to deny remote access to one only ftp user.<BR />The other can do it.<BR /><BR />Bye<BR />Luca Wed, 30 Oct 2002 15:01:46 GMT https://community.hpe.com/t5/operating-system-hp-ux/ftpd-question/m-p/2836060#M581424 Luca Rasconi 2002-10-30T15:01:46Z https://community.hpe.com/t5/operating-system-hp-ux/ftpd-question/m-p/2836061#M581425 Hi,<BR /><BR />I think you are going to have to replace ftp with wrapper script that verifies the user is allowed to ftp only to 127.0.0.1.<BR /><BR />Move /usr/bin/ftp to another location that is not in your users' search path and replace it with your script.<BR /><BR />inetd.sec will not work. It will deny incoming connections only. Further, it is for IP addresses only, not users.<BR /><BR />ftpusers will not work since you want this user to be able to ftp to the local host. Also, it's only for incoming connections, not outgoing.<BR /><BR />Why do you want the user to be able to ftp to the local host? Seems he could simply use cp.<BR /><BR />Darrell Wed, 30 Oct 2002 15:11:58 GMT https://community.hpe.com/t5/operating-system-hp-ux/ftpd-question/m-p/2836061#M581425 Darrell Allen 2002-10-30T15:11:58Z https://community.hpe.com/t5/operating-system-hp-ux/ftpd-question/m-p/2836062#M581426 Hi Darrel, <BR />you are right: why it needs this behaviour?<BR />I simply received this strange (for me) request. I asked him the same question you asked me and I'm waiting for his reponse.<BR /><BR />Thank you all<BR />Luca Wed, 30 Oct 2002 15:13:48 GMT https://community.hpe.com/t5/operating-system-hp-ux/ftpd-question/m-p/2836062#M581426 Luca Rasconi 2002-10-30T15:13:48Z