RE: xinetd and hosts.allow

From: Thomas Amwoza (amwoza_at_comcast.net)
Date: 04/17/04

    To: "'For users of Fedora Core releases'" <fedora-list@redhat.com>
    Date: Sat, 17 Apr 2004 11:10:46 -0500
    
    
    
    

    Delete the /etc/hosts.deny file (or rename it hosts.deny.bak) and use this
    syntax in the /etc/hosts.allow file:

    ALL: LOCAL, 192.168.2.0/255.255.255.0, darkforce.darktech.org,
    my_static_ip_here : ALLOW

    Tom

    -----Original Message-----
    From: fedora-list-bounces@redhat.com
    [mailto:fedora-list-bounces@redhat.com] On Behalf Of Jay Daniels
    Sent: Saturday, April 17, 2004 10:36 AM
    To: fedora-list@redhat.com
    Subject: xinetd and hosts.allow

    I cannot get xinetd and tcp wrappers hosts.allow and hosts.deny to work.

    /etc/hosts.allow
    #
    # hosts.allow This file describes the names of the hosts which are
    # allowed to use the local INET services, as decided
    # by the '/usr/sbin/tcpd' server.
    #

    ALL: LOCAL, 192.168.2.0/255.255.255.0, darkforce.darktech.org,
    my_static_ip_here

    # allow ssh connection from dialup@myisp disabled until resolved.
    #sshd: 209.164.234.0/255.255.255.0

    /etc/hosts.deny
    ALL: ALL

    I have tried several combinations in hosts.allow and restarted xinetd, but
    when I have the above lines uncommented I cannot send any mail via smtp
    port 25 from localhost!

    Any ideas?

    This may all be redundant since the firewall is supposed to block specified
    connections to these ports, but I was thinking tcp wrappers would add to
    the security?

    Also, I am still unclear how to edit /etc/hosts and my hosts file may have
    something to do with it.

    $ cat /etc/hosts
    # Do not remove the following line, or various programs
    # that require network functionality will fail.
    127.0.0.1 localhost.localdomain localhost
    192.168.2.1 darkforce.darktech.org darkforce #me
    192.168.2.12 darkstar.darktech.org darkstar #my laptop
    64.246.60.114 cobra.python-hosting.com cobra #my hosting

    Should I have my gateway ip address in place of the 192.164.2.1? How does
    tcp wrappers distinguish between eth0 and eth1?

    Note that I can leave hosts.allow and hosts.deny blank and all is well, I
    can send mail from localhost, etc.

    Is this even necessary if my firewall is working properly by allowing
    connections from my local net and blocking certain connections from my
    inet interface?

    jay

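The evaluation order behind the thread above, as an added example that is not part of either message: a small Python model of the hosts_access(5) rules (hosts.allow is checked first, then hosts.deny, otherwise access is granted; LOCAL matches only names without a dot). It assumes each rule sits on one line, that the loopback client is looked up as localhost.localdomain (the first name on the 127.0.0.1 line of the posted /etc/hosts), and a constructed daemon name `sendmail`; the static-IP placeholder is left out and rule options are not modelled.

```python
import ipaddress

def pattern_matches(pattern, host, addr):
    """Match one hosts_access(5) client pattern against a client name/address."""
    if pattern == "ALL":
        return True
    if pattern == "LOCAL":                 # any host name without a dot
        return "." not in host
    if "/" in pattern:                     # n.n.n.n/m.m.m.m net/mask pair
        net = ipaddress.ip_network(pattern, strict=False)
        return ipaddress.ip_address(addr) in net
    if pattern.startswith("."):            # domain suffix, e.g. .darktech.org
        return host.endswith(pattern)
    if pattern.endswith("."):              # address prefix, e.g. 192.168.2.
        return addr.startswith(pattern)
    return pattern in (host, addr)         # exact host name or address

def file_matches(text, daemon, host, addr):
    """True if any 'daemon_list : client_list' rule in the file matches."""
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#") or ":" not in line:
            continue
        daemons, clients = (f.replace(",", " ").split()
                            for f in line.split(":")[:2])
        if any(d in ("ALL", daemon) for d in daemons) and \
           any(pattern_matches(p, host, addr) for p in clients):
            return True
    return False

def access(allow_text, deny_text, daemon, host, addr):
    """hosts.allow match grants, else hosts.deny match denies, else grant."""
    if file_matches(allow_text, daemon, host, addr):
        return "allow"
    if file_matches(deny_text, daemon, host, addr):
        return "deny"
    return "allow"

# Rules from the thread, joined onto one line (placeholder entry omitted).
HOSTS_ALLOW = "ALL: LOCAL, 192.168.2.0/255.255.255.0, darkforce.darktech.org\n"
HOSTS_DENY = "ALL: ALL\n"

# Constructed clients: (daemon, name the address resolves to, address).
LOOPBACK = ("sendmail", "localhost.localdomain", "127.0.0.1")
LAPTOP = ("sendmail", "darkstar.darktech.org", "192.168.2.12")

if __name__ == "__main__":
    for deny in (HOSTS_DENY, ""):          # "" models a removed hosts.deny
        for client in (LOOPBACK, LAPTOP):
            print(repr(deny), client[1], access(HOSTS_ALLOW, deny, *client))
```

Under these assumptions the loopback client matches none of the hosts.allow patterns, so it is granted access only when hosts.deny is absent; an explicit 127.0.0.1 pattern in hosts.allow would match it while keeping `ALL: ALL` in hosts.deny.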
    

