Port limiting

[Rachel Llorenna]

Regardless of what you put in the ircd, it would be preferable to do
it using firewalling because you can simply drop packets to that
port... It will secure the servers if you limit the server port to
known servers only (as you're supposed to do if you can), though it
will make it less convenient to add/remove servers.


On Tue, 15 Feb 2005 15:41:11 -0700 (MST), timwoj at ieee.org
<timwoj at ieee.org> wrote:
> This might be a feature request, but I'm not sure.  I run a closed network
> of 3 servers that requires an SSL connection for clients.  The only
> problem is that it really doesn't.  We require clients to join via SSL via
> heavy-handed opers/users basically.
> 
> The problem is that for server linking, we have to leave a plaintext port
> open.  The only way users don't know of this port is because we don't tell
> them what it is (i.e. security through obscurity, which we all know is
> bad).  What I'd like is a way to limit a port's connections to only
> machines that have a connect block in the config.  Is there a way to do
> this currently?  I know I could set up a firewall of some sort on each
> server, but sharing a common conf file for the ircd would be considerably
> easier.
> 
> Tim
> 


-- 
Regards,

Rachel Llorenna (frequency)