From owner-freebsd-hackers Tue Jun 4 10:31:29 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id KAA27124 for hackers-outgoing; Tue, 4 Jun 1996 10:31:29 -0700 (PDT) Received: from asstdc.scgt.oz.au (root@asstdc.scgt.oz.au [202.14.234.65]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id KAA27115 for ; Tue, 4 Jun 1996 10:31:16 -0700 (PDT) Received: (from imb@localhost) by asstdc.scgt.oz.au (8.7.5/BSD4.4) id DAA11743 Wed, 5 Jun 1996 03:28:24 +1000 (EST) From: michael butler Message-Id: <199606041728.DAA11743@asstdc.scgt.oz.au> Subject: Re: Can i use hosts.deny??? To: jesus@abaforum.es (Jesus Rodriguez) Date: Wed, 5 Jun 1996 03:28:22 +1000 (EST) Cc: hackers@FreeBSD.ORG In-Reply-To: <199606041632.SAA06654@scugat1.abaforum.es> from "Jesus Rodriguez" at Jun 4, 96 06:32:07 pm X-Mailer: ELM [version 2.4 PL24beta] Content-Type: text Sender: owner-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Jesus Rodriguez writes: > Hi... can i use hosts.allow and hosts.deny in freebsd??? Sure, however, you must install the tcp_wrapper port as follows .. (as "root") cd /usr/ports/security/tcp_wrapper make all install .. then edit /etc/inetd.conf, find inetd's pid and "kill -HUP inetd-pid". Then create /usr/local/etc/hosts.allow and/or /usr/local/etc/hosts.deny > If i can, wich format i must use for them??? As documented in the man page (hosts_access), both files (in /usr/local/etc) can be simple like .. popper: 202.14.234.64/255.255.255.240 nntpd: .scgt.oz.au nntpd: news@newshost.telstra.net news@fullofruit.aarnet.edu.au .. or far more complex, as you might wish. > I want allow telnet access to some specific machines, but have free the > rest of services. This is dependent on both your /etc/inetd.conf and the hosts.* files. You choose which ones you wish to encapsulate and the permissions that go along with each service, michael