Reprinted from: http://wuhaoshu.blog.51cto.com/845270/489684
1. Modify: /etc/vsftpd/vsftpd.conf
Add to:
tcp_wrappers=YES
2. Modify /etc/hosts.deny
Add: disable all
vsftpd : ALL
3. Modify /etc/hosts.allow
Add: allow ip access
vsftpd:.admin99.net
vsftpd:192.168.0.
vsftpd:192.168.0.0/255.255.255.0
The first line indicates that only hosts in the domain of admin99.net are allowed to access the vsftpd service, pay attention to the dot (.) in front of admin99.net;
/ The second line indicates that only users in the network segment 192.168.0 are allowed to access the vsftpd service , pay attention to the dot (.) after the 0;
the third line indicates that only users on the network segment 192.168.0 are allowed to access the vsftpd service. Note that it cannot be written as 192.168.0.0/24 here.
If the vsftpd service is managed by xinetd ,you can modify the /etc/xinetd.d/
/vsftpd configuration file and add the only_from = ip segment.