Restricting NNTP Access
Access to NNTP resources is governed by the file
nntp_access
in /etc/news
. Lines
in this file describe the access rights granted to foreign hosts. Each line
has the following format:
site
read|xfer|both|no post|no [!exceptgroups
]
If a client connects to the NNTP port, nntpd attempts to
obtain the host’s fully qualified domain name from its IP address using reverse
lookup. The client’s hostname and IP address are checked against the
site
field of each entry in the order in which they
appear in the file. Matches may be either partial or exact. If an entry
matches exactly, it applies; if the match is partial, it applies only if there
is no other match following it that is at least as good.
site
may be specified in one of the following ways:
- Hostname
This is a fully qualified domain name of a host. If this matches the client’s canonical hostname literally, the entry applies, and all following entries are ignored.
- IP address
This is an IP address in dotted quad notation. If the client’s IP address matches this, the entry applies, and all following entries are ignored.
- Domain name
This is a domain name, specified as *.
domain
. If the client’s hostname matches the domain name, the entry matches.- Network name
This is the name of a network as specified in
/etc/networks
. If the network number of the client’s IP address matches the network number associated with the network name, the entry matches.- Default
The string
default
matches any client.
Entries with a more general ...
Get Linux Network Administrator's Guide, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.