Restrict network access per service based on IP address
Aug 29, '05 07:55:00AM • Contributed by: Anonymous
Aug 29, '05 07:55:00AM • Contributed by: Anonymous
You can restrict access to a network service on a per-IP basis by configuring launchd to use TCP wrappers. First, install tcp_wrappers using Fink or DarwinPorts; see the tcp_wrappers page at DarwinPorts for more info.
Then set Program to /usr/libexec/tcpd in the plist for the daemon you want to wrap. You might also need to adjust ProgramArguments. Note that TCP wrappers only works for inetd-compatible jobs whose "Wait" setting is set to false.
[robg adds: I haven't tested this one...]
Then set Program to /usr/libexec/tcpd in the plist for the daemon you want to wrap. You might also need to adjust ProgramArguments. Note that TCP wrappers only works for inetd-compatible jobs whose "Wait" setting is set to false.
[robg adds: I haven't tested this one...]
•
[7,133 views]
