From: "Nathan Miller"
Delivered-To: freebsd-questions@freebsd.org
Subject: tcpd problems
Date: Fri, 7 Sep 2001 14:22:33 -0700
Message-ID: <001d01c137e3$35b8ec60$2df3df80@uoregon.edu>

I'm having trouble getting tcp_wrappers set up properly. The problem is this: when I set up /etc/hosts.allow with what (I think) are valid rules, I get unexpected behavior. For instance, when I enter a rule such as:

    telnetd : ALL : allow

and then try to telnet in from some machine, I get the catch-all rule at the very bottom of a default hosts.allow:

    ALL : ALL : twist.... echo "you are not allowed to use %d from %h"

and the telnet client issues "you are not allowed to use tcpd from <the client's ip>" (notice service is listed as TCPD, not telnetd).

So, no rules will work unless I add a line where ALL or TCPD is the service

    TCPD/ALL : ... : ...

At which point everything works, well at least, the services started by inetd (ftpd and telnetd).

Now my rule for sshd doesn't seem to be affected, which works fine w/ a rule of

    sshd : ALL : allow

I don't know if it's a coincidence or not, but the services which give me this trouble are exactly the ones started from /etc/inetd.conf.

Now I have set up tcp_wrappers successfully before, the tcpd executable is there in /usr/local/libexec
inetd.conf is set up appropriately

    ...
    ftp     stream  tcp     nowait  root    /usr/local/libexec/tcpd ftpd -lS
    telnet  stream  tcp     nowait  root    /usr/local/libexec/tcpd telnetd
    ...

My suspicion is that tcpd is not matching the incoming service request (say, ftp) against a rule for the respective service (say, ftpd: ALL: allow)
b/c the service trying to be matched is tcpd, as evidenced by the macro expansion in the very bottom default rule displaying the service as tcpd.

    ALL : ALL \
            : severity auth.info \
            : twist /bin/echo "You are not welcome to use %d from %c."
===>

Has anyone seen this problem before or has an idea what I am doing wrong? Any help would be much appreciated by this new FreeBSD user. Thanks in advance (and if you're reading this thanks for having enough patience to spend your time reading this rambling message)

Nathan Miller
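The symptoms described in the message above can be reproduced with a simplified model of first-match evaluation in hosts.allow. This is an added example, not part of the original post and not tcp_wrappers code; the parser, the function names and the client address 192.0.2.10 are assumptions, and it only shows what follows if the daemon name presented for matching is tcpd rather than telnetd.

```python
# Added illustration: simplified model of hosts.allow first-match evaluation.
# Only daemon names and the ALL wildcard are modelled; %c is approximated
# by the client address. HOSTS_ALLOW is constructed from rules in the post.

HOSTS_ALLOW = r"""
telnetd : ALL : allow
sshd : ALL : allow
ALL : ALL \
        : severity auth.info \
        : twist /bin/echo "You are not welcome to use %d from %c."
"""

def parse_rules(text):
    """Join backslash-continued lines, then split each rule on ':'."""
    rules, pending = [], ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.endswith("\\"):
            pending += line[:-1]
            continue
        fields = [f.strip() for f in (pending + line).split(":")]
        pending = ""
        rules.append((fields[0].replace(",", " ").split(), fields[1], fields[2:]))
    return rules

def decide(rules, daemon, client="192.0.2.10"):  # client address is a placeholder
    """Return (verdict, expanded twist command) from the first matching rule."""
    for daemons, clients, options in rules:
        if clients != "ALL" or not ({"ALL", daemon} & set(daemons)):
            continue  # other client patterns are outside this model
        for opt in options:
            if opt in ("allow", "deny"):
                return (opt, None)
            if opt.startswith("twist"):
                cmd = opt[len("twist"):].strip()
                return ("twist", cmd.replace("%d", daemon).replace("%c", client))
        return ("allow", None)  # matched hosts.allow rule without a verdict option
    return ("no-match", None)

if __name__ == "__main__":
    rules = parse_rules(HOSTS_ALLOW)
    for name in ("telnetd", "sshd", "tcpd"):
        print(name, "->", decide(rules, name))
    fixed = parse_rules("tcpd : ALL : allow\n" + HOSTS_ALLOW)
    print("tcpd with extra rule ->", decide(fixed, "tcpd"))
```

On a system with tcp_wrappers installed, `tcpdmatch` performs the same comparison against the real rule file for a given daemon name and client.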