From owner-freebsd-isp Thu Nov 12 15:03:12 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA06358 for freebsd-isp-outgoing; Thu, 12 Nov 1998 15:03:12 -0800 (PST) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from fan.net.au (fan.net.au [203.20.92.1]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA06342 for ; Thu, 12 Nov 1998 15:03:07 -0800 (PST) (envelope-from q@fan.net.au) Received: from gromit.fan.net.au (gromit.fan.net.au [203.23.133.34]) by fan.net.au (8.9.1/8.9.1) with SMTP id JAA08381; Fri, 13 Nov 1998 09:02:28 +1000 (EST) Date: Fri, 13 Nov 1998 09:02:28 +1000 (EST) From: Q To: Dave Truesdell cc: Willow , freebsd-isp@FreeBSD.ORG Subject: Re: tcpd In-Reply-To: <1213.910904943@localhost> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 12 Nov 1998, Dave Truesdell wrote: > It looks like you've overdone things. Tcp Wrappers only work for TCP > services, they don't work for UDP or RPC based services. Also, Tcpd works for UDP services just fine. Read the doco. And there is rpcbind/portmap available for RPC services (Also by Wietse Venema). > wrapping identd is probably a bad idea as tcpd may need to query it, > is the rules require the information. Wrapping identd is fine provided you don't put a "user@host" rule in the identd access control list. You would probably want to disable -DPARANOID though if your wrapping identd, just to be friendly to people with broken DNS entries. Seeya...Q -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- _____ / Quinton Dolan - q@fan.net.au __ __/ / / __/ / / Systems Administrator / __ / _/ / / Fast Access Network __/ __/ __/ ____/ / - / Gold Coast, QLD, Australia _______ / Ph: +61 7 5574 1050 \_\ SAGE-AU Member To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message