From owner-freebsd-questions@FreeBSD.ORG  Sun Jun  1 20:32:30 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CAFB437B401
	for <freebsd-questions@freebsd.org>;
	Sun,  1 Jun 2003 20:32:30 -0700 (PDT)
Received: from mail.cs.ait.ac.th (mail.cs.ait.ac.th [192.41.170.16])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9B12443FB1
	for <freebsd-questions@freebsd.org>;
	Sun,  1 Jun 2003 20:32:29 -0700 (PDT)	(envelope-from on@cs.ait.ac.th)
Received: from banyan.cs.ait.ac.th (on@banyan.cs.ait.ac.th [192.41.170.5])
	by mail.cs.ait.ac.th (8.12.3/8.9.3) with ESMTP id h523WR0V072462
	for <freebsd-questions@freebsd.org>;
	Mon, 2 Jun 2003 10:32:27 +0700 (ICT)
Received: (from on@localhost)
	by banyan.cs.ait.ac.th (8.8.5/8.8.5) id KAA16838;
	Mon, 2 Jun 2003 10:34:06 +0700 (ICT)
Date: Mon, 2 Jun 2003 10:34:06 +0700 (ICT)
Message-Id: <200306020334.KAA16838@banyan.cs.ait.ac.th>
X-Authentication-Warning: banyan.cs.ait.ac.th: on set sender to
	on@banyan.cs.ait.ac.th using -f
From: Olivier Nicole <on@cs.ait.ac.th>
Cc: freebsd-questions@freebsd.org
In-reply-to: <20030602051705.T16654-100000@amour.ath.cx> (message from
	Alexander on Mon, 2 Jun 2003 05:26:15 +0200 (CEST))
References: <20030602051705.T16654-100000@amour.ath.cx>
X-Virus-Scanned: by amavisd-milter (http://amavis.org/)
Subject: Re: Changes to hosts.allow do no affect to inetd daemons some times
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Jun 2003 03:32:31 -0000

>  Sometimes when I change my /etc/hosts.allow and kill and start again
> inetd, there is no difference. It's like I haven't edited
> /etc/hosts.allow. If I continue making changes and stop/start inetd there
> are no affections to the inetd daemons, they allow or deny as
> /etc/hosts.allow isn't modified since inetd was first started after the
> system bootstrapped.

My guess would be that some of the servers started with inetd are
still up-and running.

Remember that tcpwrapper will filter connection initiated through
inetd. If, say, your ftp server is runing and handling requests, it
will not be affected by your changes in hosts.allow. Your FTP server
does not know that tcpwrapper is ther actually.

So at same time you kill -HUp inetd, you should also kill all the
services started by inetd and that are running.

SSH does access tcpwrapper by itself, so it is not affected by this
behaviour.

Bests,

olivier