Jul 19 2013
Arch Linux chose to remove TCP wrappers from its core packages a couple of years ago.
You can read all about it here.
This is how to imitate TCP wrapper functionality (by the way, Wietse Venema rocks!) with iptables and a source range. The ACCEPT rule has to be added before the DROP rule, because iptables acts on the first rule that matches.
iptables -A INPUT -p tcp --dport 22 -m iprange --src-range 158.255.214.14-158.255.214.15 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j DROP
Saturday, July 20, 2013 - 00:01:14
TTBOMK, iptables does not handle domain names, so this imitation is working yes, but does half the job. The really cool stuff for you to try out would be to have a host_access daemon that reads hosts.allow and hosts.deny and translates them into dynamically added and removed iptables rules.
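The translation step discussed above, as an added example that is not code from the post or the comment: it turns IPv4 entries from hosts.allow-style text into the same ACCEPT-then-DROP pattern and only returns the command lines, it does not run them. Assumptions: the `DAEMON_PORTS` map, the function names and the sample text are constructed here; the trailing DROP plays the role of an `ALL: ALL` line in hosts.deny; patterns with no static address form and lines using `EXCEPT` are reported, not translated.

```python
import ipaddress

# Assumption: the operator supplies this map (hosts.allow names daemons, iptables ports).
DAEMON_PORTS = {"sshd": 22}

def client_to_source(pattern):
    """Map one hosts.allow client pattern to an iptables -s value, or None."""
    if pattern == "ALL":
        return "0.0.0.0/0"
    if pattern.endswith("."):  # IPv4 prefix form, e.g. "158.255."
        octets = pattern[:-1].split(".")
        if len(octets) <= 3 and all(o.isdigit() and int(o) < 256 for o in octets):
            return ".".join(octets + ["0"] * (4 - len(octets))) + f"/{8 * len(octets)}"
        return None
    try:  # single address, net/mask or net/prefix
        return str(ipaddress.IPv4Network(pattern, strict=False))
    except ValueError:
        return None  # hostname, .domain, LOCAL, ...: no static address form

def translate(hosts_allow_text):
    """Return (iptables command lines, skipped items) for hosts.allow text."""
    rules, skipped, ports = [], [], []
    for raw in hosts_allow_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = [f.strip() for f in line.split(":")]
        if len(fields) < 2 or "EXCEPT" in line.split():
            skipped.append(line)  # malformed or uses EXCEPT: never guess an ACCEPT
            continue
        for daemon in fields[0].replace(",", " ").split():
            port = DAEMON_PORTS.get(daemon)
            if port is None:
                skipped.append(daemon)
                continue
            if port not in ports:
                ports.append(port)
            for pattern in fields[1].replace(",", " ").split():
                src = client_to_source(pattern)
                if src is None:
                    skipped.append(pattern)
                else:
                    rules.append(f"iptables -A INPUT -p tcp --dport {port} -s {src} -j ACCEPT")
    # DROP goes last per port: iptables acts on the first matching rule.
    rules += [f"iptables -A INPUT -p tcp --dport {p} -j DROP" for p in ports]
    return rules, skipped

# Constructed sample; the /31 covers the post's 158.255.214.14-158.255.214.15 range.
SAMPLE = "# constructed\nsshd: 158.255.214.14/255.255.255.254, 10.1. .example.org\n"
```

Review the returned `skipped` list before applying anything: every entry there is an access rule the generated ruleset does not enforce.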