From owner-freebsd-questions Sun Oct 15 3: 5:58 2000 Delivered-To: freebsd-questions@freebsd.org Received: from iaehv.iae.nl (iaehv.IAE.nl [194.151.64.2]) by hub.freebsd.org (Postfix) with ESMTP id F3FB637B66C for ; Sun, 15 Oct 2000 03:05:51 -0700 (PDT) Received: by iaehv.iae.nl (Postfix, from userid 4786) id 2A6B07EAE; Sun, 15 Oct 2000 12:05:51 +0200 (CEST) From: "Martin Bartelds" To: "cjclark@alum.mit.edu" , "Crist J . Clark" Cc: "freebsd-questions@FreeBSD.ORG" Date: Sun, 15 Oct 2000 12:05:32 +0200 (CDT) Reply-To: "Martin Bartelds" X-Mailer: PMMail 2.10.2010 for OS/2 Warp 4.00 In-Reply-To: <20001014175127.D25121@149.211.6.64.reflexcom.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: Re: Double reverse lookup: OFF !!!! Message-Id: <20001015100551.2A6B07EAE@iaehv.iae.nl> Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hello Crist, Yep, it's the first rule, however the comment in the files say's: first match goes and be warned: "with the standard configuration, it's completely open". I installed the (changed) tcpd wrapper for ftpd, however do still get the verify declines. Maybe that's because I didn't install it for the IP6 ftpd line. Otherwise, it's maybe ftpd who still does the checking, after tcpd did skip it. How did the tcp_wrappers enter ftpd (libraries) ? Martin. On Sat, 14 Oct 2000 17:51:27 -0700, Crist J . Clark wrote: >On Sun, Oct 15, 2000 at 01:11:12AM +0200, MB wrote: >> > On Sat, Oct 14, 2000 at 09:39:50PM +0200, Martin Bartelds wrote: >> > > Some of my customers can't connect to my 4.1 system with anonymous ftp. >> > > >> > > When it happens, I do get an error message on the console: >> > > "Can't verify hostname: getaddrinfo(....., AF_INET) failed." >> > > >> > > As far as I know, this is the paranoid double reverse lookup which fails to >> > > match the IP-number with the hostname. >> > > >> > > I do not want to let my customers stumble on this. >> > > How can I turn this off ? I did have a look in the ftpd & inetd >> > > daemon-sources, but did not find anything about it. >> > > >> > > >> > > Any Idea ? >> > >> > It's the TCP wrapper. If you want to find the source, look in >> > /usr/src/contrib/tcp_wrappers. What's in your /etc/hosts.{allow,deny}? >> >> host.allow does have: >> ALL:ALL:allow >> >> So I'm pretty much surprised, the connections get declined. > >That is the first rule, right? > >If you still have problems, you might consider running ftpd(8) as an >independent daemon outside of inetd(8). >-- >Crist J. Clark cjclark@alum.mit.edu > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > ----------------------------------------------------------------------- M.G.N. Bartelds BTSoftware European Shareware Registration & Distribution http://www.btsoftware.com ------------------------------------------------------------------------ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message