From owner-freebsd-questions Wed Nov 8 12:46:36 1995 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.6.12/8.6.6) id MAA18758 for questions-outgoing; Wed, 8 Nov 1995 12:46:36 -0800 Received: from who.cdrom.com (who.cdrom.com [192.216.222.3]) by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id MAA18753 for ; Wed, 8 Nov 1995 12:46:32 -0800 Received: from palmer.demon.co.uk (palmer.demon.co.uk [158.152.50.150]) by who.cdrom.com (8.6.12/8.6.11) with ESMTP id MAA04325 for ; Wed, 8 Nov 1995 12:46:27 -0800 Received: from localhost (localhost [127.0.0.1]) by palmer.demon.co.uk (8.6.11/8.6.11) with SMTP id DAA10067 ; Wed, 8 Nov 1995 03:22:24 GMT To: Basket Case cc: Freebsd Questions Subject: Re: /etc/hosts.deny not working & PCVT Problems when returning from remote sites In-reply-to: Your message of "Mon, 06 Nov 1995 21:53:11 EST." Date: Wed, 08 Nov 1995 03:22:22 +0000 Message-ID: <10065.815800942@palmer.demon.co.uk> From: Gary Palmer Sender: owner-questions@freebsd.org Precedence: bulk Basket Case wrote in message ID : > I'm trying to block out a site from accessing my system at all and for > some odd reason I can't seem to get /etc/hosts.deny to work as I still get > connections from the site. For instance if I want to block out all > connections coming from abc.com -- the contents of /etc/hosts.deny is: > ALL: .abc.com > But oddly, that doesnt work. I tried -HUPing all processes (daemons) but > i still get connections from anyone coming in from .abc.com -- what do I > do to make sure that no one from a specific host is allowed to connect to > the system? It's not odd at all. The standard system daemons don't use /etc/hosts.allow and /etc/hosts.deny, the tcp wrapper package does, however. See ports/net/tcp_wrapper. Alternatively, you could compile ipfw into your kernel and use it as a packet filter to block out accesses from that domain. Gary