Synopsis
The article describes specifics of different settings that may restrict access to a server.
-
The specified networks can be added as is to the list of allowed subnets in IPtables:
~# iptables -A INPUT -s xx.yy.zz.ww/nn -m tcp -p tcp --dport 22 -j ACCEPT
-
SSH service can be protected by TCP wrapper, which takes configuration from files /etc/hosts.allow and /etc/hosts.deny. These files have restriction of the subnet specification, the netmask must be in full form.
That is, to allow SSH service, the file /etc/hosts.allow should have a line like this one:
sshd: xx.yy.zz.ww/nn.mm.ll.kk
Use of CIDR notation is not allowed.