NcFTPd: Configuration: general.cf: tcp-wrappers

tcp-wrappers NcFTPd general.cf file configuration
Don't forget to restart NcFTPd after modifying the general.cf file.

You can control which client hosts contact your server by using TCP Wrappers' access control files. Consult the documentation that comes with TCP Wrappers for information on how to configure the access controls.

Restrictions:

The configuration files must be named /etc/hosts.allow and/or /etc/hosts.deny;
The files may be in the old format or the new layout mentioned by the hosts_options man page;
When using the the new format you cannot use the twist option;

Service-specific access for NcFTPd can be controlled by the "NcFTPd:" service name.

Please note that the author of TCP Wrappers (Wietse Venema) is not responsible for NcFTPd's implementation -- if you have problems with NcFTPd but your other services work fine with your TCP Wrappers please contact us first.

Also note that turning this feature on invokes a substantial performance penalty. If you're running an anonymous-only site you probably don't want to turn anyone away anyway.

Examples:

tcp-wrappers=yes

tcp-wrappers=no

Recommendation:

tcp-wrappers=no

Example TCP Wrappers configuration:

This example shows how to limit FTP access to only the 192.168.5.* network and hosts in the *.foobar.net domain. All other hosts are denied.

Contents of /etc/hosts.allow file:

ALL: 127.0.0.1

in.telnetd: onehost.fooblazz.com

NcFTPd: 192.168.5. .foobar.net

Contents of /etc/hosts.deny file:

ALL: ALL