Date: Wed, 14 Jul 1999 15:13:16 -0700 (PDT) From: Doug <Doug@gorean.org> To: Lance Woodson <lance@cswnet.com> Cc: freebsd-questions@freebsd.org Subject: Re: 3.2 hosts.allow Problems Message-ID: <Pine.BSF.4.05.9907141509360.29705-100000@dt054n86.san.rr.com> In-Reply-To: <378CFDFC.16B891CC@cswnet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 14 Jul 1999, Lance Woodson wrote:
> > I want to be able to deny all conections except from three domains.
> > However, everything is getting denied. What am I doing wrong?
>
> > /etc/hosts.allow
> > ALL: 127.0.0.1: ALLOW
> > ALL: .a.com: ALLOW
> > ALL: .b.com: ALLOW
> > ALL: .c.com: ALLOW
> > telnetd: ALL: banners /usr/local/etc/banners
> > ALL: ALL: DENY
>
> Now nothing is being denied. To restart inetd, I am using "killall
> inetd;inetd".
First, you shouldn't have to start inetd for changes in
hosts.allow to take effect. Second, are you testing from a machine that is
not included in the "allow" rules? I know that may seem like an obvious
question, but sometimes it's the obvious things that bite you. :)
Also, to my knowledge it should not matter but I've always seen
rules for hosts.[allow,deny] written as:
ALL : ALL : DENY
rather than:
ALL: ALL: DENY
but it shouldn't matter.
Other than that, I'm out of ideas. The above _is_ the way it's
supposed to work, if that's any comfort.
Doug
--
On account of being a democracy and run by the people, we are the only
nation in the world that has to keep a government four years, no matter
what it does.
-- Will Rogers
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9907141509360.29705-100000>