[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Different tcp wrapper configuration for ldap and ldaps, possible?
You could use iptables/ipchains or whatever packet filtering capability
your OS offers, to limit access to port 389.
Allan
On Mon, 5 May 2003, Bo Gundersen wrote:
> Hi
>
> I have run into a bit of a problem, I have an semi open OpenLdap server
> which is currently only responding to ldaps, but I would like to open
> the server for non-ssl connections from a very limited number of hosts.
>
> However I am not sure how to configure this with tcp wrappers. As I
> understand it, OpenLdap checks the hosts.{allow,deny} files with the
> name of OpenLdap executable and not the name of the actual protocol
> (correct?), and it is therefor impossible to have a very open
> hosts.{allow,deny} for ldaps and a very closed one for ldap.
>
> Is there anyway that I can make OpenLdap use the actual protocol for
> lookups into hosts.{allow,deny} istead of the executable name?
> or do I have to run two different OpenLdap servers to make this work?
>
> Thanks in advance :)
>
>