Operating System - HP-UX

Trying to block a single IP Address

 
Chris_305
Occasional Contributor

Trying to block a single IP Address

I have installed IP Filter 9000 on my HP Server running HP-UX 11.i and can't seem to figure out how to block one single IP Address. Doing a full subnet is easy but I need to only block one single IP Address because I need the rest of the network to access this machine.
For example, I have a private IP address of 10.23.206.52 and want to block incoming traffic from 10.23.249.50.

Any info on this would be appreciated.
if I only knew I wouldn't be here-- ???
Zafar A. Mohammed_1
Trusted Contributor

Re: Trying to block a single IP Address

Access control to individual network services can be set in /var/adm/inetd.sec, an optional security file for the Internet daemon.
You can explicitly allow or deny use of most networking services by listing them on a per-machine or per-subnet basis. The syntax of entries in /var/adm/inetd.sec is:
service-name allow|deny { host-address| host-name}...

The service-name is the official name (not an alias) of a valid service in the file /etc/services. The service-name for RPC-based services (NFS) is the official name (not an alias) of a valid service in the file /etc/rpc. The wildcard character * and the range character - are permitted in addresses.


Thanks
Zafar
Michael Tully
Honored Contributor

Re: Trying to block a single IP Address

The easiest way to block a single IP address is to use the /var/adm/inetd.sec file.
The man page gives some good examples of the syntax.
Anyone for a Mutiny ?
Chris_305
Occasional Contributor

Re: Trying to block a single IP Address

I am trying to block all traffic from an IP address not just some services like inetd.sec does.
if I only knew I wouldn't be here-- ???
Kelli Ward
Trusted Contributor

Re: Trying to block a single IP Address

Someone correct me if I am wrong;
I believe if you install (or have installed) tcp_wrappers, you can add an entry in /etc/hosts.deny of
ALL : 10.23.249.50

Not sure of a shotgun way to do it with inetd.sec

Good luck,
Kel
The more I learn, the more I realize how much more I have to learn. Isn't it GREAT!
Bill Hassell
Honored Contributor

Re: Trying to block a single IP Address

Download tcp_wrappers from software.hp.com since as you've mentioned, inetd.sec covers only selected services.


Bill Hassell, sysadmin
U.SivaKumar_2
Honored Contributor

Re: Trying to block a single IP Address

Hi,

On the HP-UX server

#route add 10.23.206.52 xx.xx.xxx.xxx 1

Here xx.xx.xxx.xxx is an unused IP address in your local network.

Now that particular client will be blocked.

regards,

U.SivaKumar


Innovations are made when conventions are broken
U.SivaKumar_2
Honored Contributor

Re: Trying to block a single IP Address

Hi,

This should also work

#route add 10.23.206.52 127.0.0.1

regards,

U.SivaKumar


Innovations are made when conventions are broken
Wodisch
Honored Contributor

Re: Trying to block a single IP Address

Hi Chris,

Since you already use "IP Filter", I guess you simply missed the obvious: use the netmask "/32" and be done...

FWIW,
Wodisch
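
The /32 suggestion above, as an added example that is not part of the thread or of IP Filter itself: a small Python check that evaluates a constructed ruleset in ipf.conf syntax before it is loaded, to confirm that only 10.23.249.50 is blocked and the rest of the network still reaches 10.23.206.52. The helper names (`to_net`, `parse`, `verdict`) are hypothetical, only the `block|pass in [quick] from ... to ...` rule form is handled, and the default of passing unmatched packets is an assumption.

```python
import ipaddress
import re

# Constructed rulesets in ipf.conf syntax (not from the thread).
SINGLE_HOST = """
block in quick from 10.23.249.50/32 to any
pass in from 10.23.0.0/16 to any
"""
TOO_WIDE = SINGLE_HOST.replace("/32", "/24")   # mask now covers 10.23.249.0-255
NO_QUICK = SINGLE_HOST.replace(" quick", "")   # later pass rule overrides the block

RULE_RE = re.compile(r"(block|pass)\s+in\s+(quick\s+)?from\s+(\S+)\s+to\s+(\S+)$")

def to_net(spec):
    # strict=False masks host bits, so 10.23.249.50/24 becomes 10.23.249.0/24.
    return ipaddress.ip_network("0.0.0.0/0" if spec == "any" else spec, strict=False)

def parse(text):
    """Parse the rule subset handled here: block|pass in [quick] from X to Y."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        m = RULE_RE.match(line)
        if not m:
            raise ValueError(f"unsupported rule: {line!r}")
        action, quick, src, dst = m.groups()
        rules.append((action, bool(quick), to_net(src), to_net(dst)))
    return rules

def verdict(rules, src, dst, default="pass"):
    """Last matching rule wins; a matching 'quick' rule ends evaluation.
    default='pass' for unmatched packets is an assumption about the build."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    result = default
    for action, quick, snet, dnet in rules:
        if s in snet and d in dnet:
            result = action
            if quick:
                break
    return result

if __name__ == "__main__":
    server = "10.23.206.52"
    for name, text in (("/32", SINGLE_HOST), ("/24", TOO_WIDE), ("no quick", NO_QUICK)):
        r = parse(text)
        print(name, [verdict(r, ip, server) for ip in ("10.23.249.50", "10.23.249.51")])
```

The /24 and no-quick variants show the two easy mistakes: a mask that is too short blocks neighbouring hosts, and a block rule without `quick` is overridden by a later matching pass rule.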