Re: hosts.deny problem

From: Unruh (unruh-spam_at_physics.ubc.ca)
Date: 07/16/05


Date: 16 Jul 2005 15:36:44 GMT

Bit Twister <BitTwister@mouse-potato.com> writes:

>On 16 Jul 2005 05:47:02 -0700, scrunchy2k@yahoo.com wrote:
>> Hi all,
>>
>> I hate to seem like I'm "crying wolf", but the following
>> hosts.deny is still letting the occassional person through.
>> My hosts.allow is empty. I am starting to wonder if there is
>> a software bug.
>>
>> hosts.deny=
>>
>> ALL EXCEPT sshd httpd: ALL
>>
>> httpd, sshd: 80., 209., 210., 211., 212., 213., 214., 215., 216., 217.,
>> 218., 60
>> .36., 195.70., 202., 203.,204.,205.,206.,207.,208.,201.
>>
>> I've gotten people getting through this from 206.* and
>> other places.
>>
>> Thanks for any advices.

>just for fun I would move the ALL EXCEPT below the httpd line.
>I would also move 206., in front of 80.,

>Can we assume you did something like xinetd reload
>or sent a hup to inetd to force re-reading /etc/host.allow/deny files.

The files are read on a case by case basis, not stored, AFAIK.