HPE Community
Operating System - HP-UX
1836333 Members
3834 Online
110100 Solutions
New Discussion

how can i restrict some ip like 128.1.0.2 to access my hosts' port 1521?

 
常有慈悲心
Regular Advisor

‎01-29-2005 11:53 AM

‎01-29-2005 11:53 AM

how can i restrict some ip like 128.1.0.2 to access my hosts' port 1521?

thanks
0 Kudos
Reply
5 REPLIES 5
常有慈悲心
Regular Advisor

‎01-29-2005 12:09 PM

‎01-29-2005 12:09 PM

Re: how can i restrict some ip like 128.1.0.2 to access my hosts' port 1521?

i mean only allow 128.1.0.2 to access my host's port 1521.
is /etc/inetd.conf can work this?
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎01-29-2005 01:08 PM

‎01-29-2005 01:08 PM

Re: how can i restrict some ip like 128.1.0.2 to access my hosts' port 1521?

Is the service for port 1521 run by inetd? Is there an entry for it in /etc/services and /etc/ientd.conf? If so, then you can use /var/adm/inetd.sec to restric access.

You can do this by using an 'allow' line in inetd.sec.

I believe the syntax is:

servicename allow 128.1.0.2

That would only allow the ip address 128.1.0.2 to access the service named servicename.
0 Kudos
Reply
常有慈悲心
Regular Advisor

‎01-29-2005 01:37 PM

‎01-29-2005 01:37 PM

Re: how can i restrict some ip like 128.1.0.2 to access my hosts' port 1521?

how can i restrict 128.1.0.2 can't access other ports?
0 Kudos
Reply
Biswajit Tripathy
Honored Contributor

‎01-29-2005 02:43 PM

‎01-29-2005 02:43 PM

Re: how can i restrict some ip like 128.1.0.2 to access my hosts' port 1521?

One option is to use IPFilter.

Configure the following rule:

$ /sbin/ipf -f -
block in quick proto tcp from 128.1.0.2 to any port = 1521

- Biswajit
:-)
0 Kudos
Reply
kenny chia
Regular Advisor

‎01-30-2005 08:15 PM

‎01-30-2005 08:15 PM

Re: how can i restrict some ip like 128.1.0.2 to access my hosts' port 1521?

Hi
Are you trying to restrict access to an Oracle Database listener at port 1521? Instead of filtering at OS level, you could try modifying the file $ORACLE_HOME/NETWORK/ADMIN/PROTOCOL.ORA instead

example...
tcp.validnode_checking = YES
tcp.invited_nodes = (128.1.0.2)
All Your Bases Are Belong To Us!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.