Date: Wed, 14 Jul 1999 15:13:16 -0700 (PDT) From: Doug <Doug@gorean.org> To: Lance Woodson <lance@cswnet.com> Cc: freebsd-questions@freebsd.org Subject: Re: 3.2 hosts.allow Problems Message-ID: <Pine.BSF.4.05.9907141509360.29705-100000@dt054n86.san.rr.com> In-Reply-To: <378CFDFC.16B891CC@cswnet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 14 Jul 1999, Lance Woodson wrote: > > I want to be able to deny all conections except from three domains. > > However, everything is getting denied. What am I doing wrong? > > > /etc/hosts.allow > > ALL: 127.0.0.1: ALLOW > > ALL: .a.com: ALLOW > > ALL: .b.com: ALLOW > > ALL: .c.com: ALLOW > > telnetd: ALL: banners /usr/local/etc/banners > > ALL: ALL: DENY > > Now nothing is being denied. To restart inetd, I am using "killall > inetd;inetd". First, you shouldn't have to start inetd for changes in hosts.allow to take effect. Second, are you testing from a machine that is not included in the "allow" rules? I know that may seem like an obvious question, but sometimes it's the obvious things that bite you. :) Also, to my knowledge it should not matter but I've always seen rules for hosts.[allow,deny] written as: ALL : ALL : DENY rather than: ALL: ALL: DENY but it shouldn't matter. Other than that, I'm out of ideas. The above _is_ the way it's supposed to work, if that's any comfort. Doug -- On account of being a democracy and run by the people, we are the only nation in the world that has to keep a government four years, no matter what it does. -- Will Rogers To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9907141509360.29705-100000>