Hi Jon, Thanks for the reply. Unfortunately it's not what I exactly need. I need to configure restrictions like these: - user A is allowed to login only from X.X.X.X - user B is allowed to login only from X.X.X.X/MM etc.. On Wed, 11 Feb 2009 07:52:49 -0500, Jon Miller <jonebird@xxxxxxxxx> wrote: > Typically pam_access is used in targeting select groups or netgroups. If > you > trying to restrict access based on the source IP address, then the best > option for accomplishing that is using iptables. Even if you are still > targeting select groups to have access, I would still recommend combining > iptables for just the IP restrictions. > > -- Jon Miller > > On Wed, Feb 11, 2009 at 7:38 AM, bluesman <bluesman@xxxxxxxxxxx> wrote: > >> >> Hi Guys, >> My first mesage to this list, so nice to meet you :) Here's the problem: >> In order to restrict access to our clients, we are implementing >> pam_access >> module. The configuration is working fine, but there is some problem in >> defining the "from" field. >> During the authentication, if the module is able to (reverse) resolve >> the >> IP, it *wants* to find the DNS name in the access.conf, ignoring the line >> even if the IP or subnet is defined. As a workaround, i added all DNS >> names >> and IP in the config. but this will make impossible for me to define IP >> ranges. >> Do someone know how to solve this problem? >> >> Hope I've been clear enough. >> Thanks in advance. >> >> Diego Roccia >> >> _______________________________________________ >> Pam-list mailing list >> Pam-list@xxxxxxxxxx >> https://www.redhat.com/mailman/listinfo/pam-list >> > _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
