How to implement TCP Wrappers user/group match in firewall rules?

Solution Verified - Updated -

Issue

  • How to implement TCP Wrappers user/group match in firewall rules?
  • Previously in RHEL, we used to use /etc/hosts.allow and /etc/hosts.deny along with Match User. How can we use this in combination with firewalld?

Environment

  • Red Hat Enterprise Linux 7 and later
  • iptables, firewalld, or nftables firewall
  • Migrating from deprecated TCP Wrappers with username/UID or groupname/GID rules

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content