Feature #628
Ability to specify listen IP address of management services (SSH, web interface)
0%
Description
It would be nice if you can change the secure shell listen IP address from any to fix IP address from web interface
Current (Any IP)
tcp4 0 0 .ssh *. LISTEN
tcp6 0 0 .ssh *. LISTEN
History
#1
Updated by Ermal Luçi over 10 years ago
- Priority changed from Normal to Very Low
#2
Updated by Chris Buechler about 8 years ago
- Subject changed from Change Listen IP address of Secure Shell Daemon (sshd) from any to fix IP address to Ability to specify listen IP address of management services (SSH, web interface)
- Priority changed from Very Low to Low
#3
Updated by Marlin Cremers about 4 years ago
I would love to see this as I'm using pfSense as router and would like to disable the firewall to get greater performance. As described here:
This page documents limiting access when it cannot be done using firewall rules. In some scenarios, pfSense is deployed solely as a router, with filtering disabled, where very high throughput is required and filtering is undesirable (such as the core or edge of some small to mid sized ISPs). With filtering disabled, firewall rules cannot be used to restrict access.
https://doc.pfsense.org/index.php/Limiting_access_to_web_interface
Is there a way for me to at least look at this? Are there particular things I have to keep in mind when trying to create a patch for this?
#4
Updated by Kill Bill about 4 years ago
Marlin Cremers wrote:
Is there a way for me to at least look at this? Are there particular things I have to keep in mind when trying to create a patch for this?
This is for nginx: https://github.com/pfsense/pfsense/blob/master/src/etc/inc/system.inc#L1182
This is for SSH: https://github.com/pfsense/pfsense/blob/master/src/etc/sshd