From owner-freebsd-isp Sat Jun 27 12:28:39 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA17198 for freebsd-isp-outgoing; Sat, 27 Jun 1998 12:28:39 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from buffnet4.buffnet.net (buffnet4.buffnet.net [205.246.19.13]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA17192 for ; Sat, 27 Jun 1998 12:28:28 -0700 (PDT) (envelope-from shovey@buffnet.net) Received: from buffnet11.buffnet.net (buffnet11.buffnet.net [205.246.19.55]) by buffnet4.buffnet.net (8.7.5/8.7.3) with SMTP id PAA24044; Sat, 27 Jun 1998 15:28:28 -0400 (EDT) Date: Sat, 27 Jun 1998 15:28:27 -0400 (EDT) From: Steve Hovey To: ben@rosengart.com cc: isp@FreeBSD.ORG Subject: Re: configuring tcp_wrapper In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, 27 Jun 1998, Snob Art Genre wrote: > I'm trying to configure tcp_wrapper to allow ftp access from the local > network but nowhere else. I've read the hosts_access(5) man page, and > written configuration files, but I'm not having any luck. > > Here's my ftpd line in inetd.conf: > > ftp stream tcp nowait root /usr/local/libexec/tcpd ftpd -l You ftpd deamon must be in the path you set for tcpd for the real programs > > My hosts.allow is empty, and my hosts.deny reads as follows: > > #disallow ftp access > ftpd: ALL EXCEPT 10.0.0.0/255.0.0.0 > You need to set host.deny to ALL then host.allow to 10.0.0.0/255.0.0.0 which ends up being deny all, but allow 10.0.0.0 etc connects. > Yet I find that I can connect via ftp from a shell account at my ISP > just as well as from the local network. > > I would greatly appreciate it if someone could tell me what I am doing > wrong. > > > Ben > > "You have your mind on computers, it seems." > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > ------------------------------------------------------------------ Steve Hovey Chief Network Administrator BuffNET More Than Just a Connection! ------------------------------------------------------------------ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message