info-multinet@process.com wrote:
>
>Hi Hunter,
>
>>I think the only way to do that would be to set up packet filtering to
>>block those. Rules like the following would allow only the specified
>>hosts (or subnets) to connect:

>...
>>!
>>! Allow certain address to connect via SSH
>>!
>>permit tcp 4.3.2.1 255.255.255.255 0 0 eq 22
>>permit tcp 1.2.3.4 255.255.255.0 0 0 eq 22
>>!
>>! Deny all others
>>!
>>deny tcp 0 0 0 0 eq 22

>
>I was thinking that packet filters might be the (only) way to do it.
>However I was also under the impression that changing them required a system
>reboot. If this isn't the case then I think I'll give them a go!
>
>How efficient is MultiNet when it comes to reloading the packet filter file?
>I'm thinking that if the server is up for a few hundred days -- as is often
>the case with VMS -- and I reload the packet filters a few times a day, will
>performance be adversely affected? (E.g. memory pool fragmentation?)
>
>Thanks!
>
> Jeremy Begg


MultiNet 5.1 has some code to allow for dynamic changes to the filters from an
application. This is laying the foundation for some future work. I don't
recall if that is documented.

-------------------------------------------------------------
Geoff Bryant bryant@process.com
TCPware/MultiNet/PMDF/SSH/PreciseMail Engineering
Process Software http://www.process.com/
959 Concord St.
Framingham, MA 01701 USA