From owner-freebsd-isp Fri Jan 17 17:08:15 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id RAA11397 for isp-outgoing; Fri, 17 Jan 1997 17:08:15 -0800 (PST) Received: from eternal.dusk.net (root@eternal.dusk.net [207.219.16.2]) by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id RAA11391 for ; Fri, 17 Jan 1997 17:08:12 -0800 (PST) Received: (from expert@localhost) by eternal.dusk.net (8.8.4/8.8.4) id VAA06835 for freebsd-isp@freebsd.org; Fri, 17 Jan 1997 21:09:05 -0400 (AST) From: Christian Hochhold Message-Id: <199701180109.VAA06835@eternal.dusk.net> Subject: tcp_wrappers To: freebsd-isp@freebsd.org Date: Fri, 17 Jan 1997 21:09:05 -0400 (AST) X-URL: http://www.dusk.net & http://www.vampires.net X-Moto: Live for today and let the future take care of itself X-Mailer: ELM [version 2.4ME+ PL22 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Evenin' I have tcp wrappers running on my shell machine, with twist so it displayes a nice message to any individual trying to connect who is not in the hosts.allow file. I've just found that hosts.allow doesn't like wildcards, as one of my clients is part of another major ISP, and instead of at least being able to just allow access to the pop where he dials into, I now have to allow ALL the ISP's POP's to connect. Obivously this is a risk, in order to allow one person to telnet in, I have to allow the whole nation to telnet in as well. I've tried (as examples) *@pop-prov*.isp.name pop*.isp.name pop-prov.isp.name to no avail. Does anyone have any suggestions / recommendations as to what one can do about this? Thank You in advance, Christian