How can i restrict IP’s to access the ezeelogin portal?
Configuring IP restrictions for ezeelogin portal access
Overview: This article details the process for restricting IP access to the Ezeelogin SSH gateway server. It covers how to limit IP addresses individually or in CIDR format through the Ezeelogin web portal. The article also provides commands to enable or disable IP restrictions for all users, including examples of IP range specifications and SQL queries for updating user access controls.
You can limit/restrict the IPs from which the User can connect to Ezeelogin ssh gateway server.
Step 1. Login to Ezeelogin webportal and click on Users -> Edit user -> Enable Limit IPs
Step 2. Add the IP / IP ranges of the ssh gateway user. IPs can be specified both individually or in CIDR format.
You can enter IP addresses, one on each line. IPv4 ranges can be specified using hyphen in the format : 10.10.3.40-45(only the last octet can be used to specify the range)
How to enable IP restriction for all users?
Run the following command to enable IP restriction(limit IP)
root@jumpserver:~# /usr/local/ezlogin/ez_queryrunner.php "UPDATE prefix_users SET ip_enable='Y'";
root@jumpserver:~#/usr/local/ezlogin/ez_queryrunner.php "REPLACE into prefix_user_ips (user_id,ip) SELECT id, 'IP ADDRESS' as ip from prefix_users";
Replace the IP ADDRESS with the one that needs to be restricted.
Example:
root@jumpserver:~# /usr/local/ezlogin/ez_queryrunner.php "REPLACE into tkdd_user_ips (user_id,ip) SELECT id, '5.5.5.5' as ip from tkdd_users";
How to disable IP restriction for all users?
Run the following command to disable IP restriction(limit IP)
root@jumpserver:~#/usr/local/ezlogin/ez_queryrunner.php "UPDATE prefix_users SET ip_enable='N', status=1";
Related Articles
How to generate user reports as CSV files in Ezeelogin?
How to get the remote server activity of users
How to get the Shell Activity of Users