From owner-freebsd-questions  Wed Mar 29  1: 7:39 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from axl.ops.uunet.co.za (axl.ops.uunet.co.za [196.31.1.175])
	by hub.freebsd.org (Postfix) with ESMTP id 49A8137C0C1
	for <freebsd-questions@freebsd.org>; Wed, 29 Mar 2000 01:07:33 -0800 (PST)
	(envelope-from sheldonh@axl.ops.uunet.co.za)
Received: from sheldonh (helo=axl.ops.uunet.co.za)
	by axl.ops.uunet.co.za with local-esmtp (Exim 3.13 #1)
	id 12aERb-0004xE-00; Wed, 29 Mar 2000 11:07:19 +0200
From: Sheldon Hearn <sheldonh@uunet.co.za>
To: David Babler <root@Rigel.orionsys.com>
Cc: FreeBSD Questions List <freebsd-questions@FreeBSD.ORG>
Subject: Re: hosts.allow for inetd internals? 
In-reply-to: Your message of "Fri, 24 Mar 2000 17:10:05 PST."
             <Pine.BSF.4.21.0003241702570.3123-100000@Rigel.orionsys.com> 
Date: Wed, 29 Mar 2000 11:07:19 +0200
Message-ID: <19047.954320839@axl.ops.uunet.co.za>
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG



On Fri, 24 Mar 2000 17:10:05 PST, David Babler wrote:

> Quick question... couldn't find an answer in the archives. Is it possible
> to selectively apply host.allow restrictions on processes (specifically
> auth/ident) that are internal to inetd, and if so, what process name
> applies?

Yes.  The difference is that you use the canonical service name (instead
of the daemon name) in /etc/hosts.allow.

> When I changed the inetd.conf entry to run a
> "real" internal identd, the auth/ident requests all got denied and
> logged. do I have to go back to the external daemon in order to be able to
> allow it?

To allow the use of the internal ``auth'' service from anywhere, add
this line:

auth: ALL : ALLOW

Ciao,
Sheldon.

PS: This is covered in the inetd(8) manual page.  I'm not telling you
    off; I just don't want you to think that this is arcane wisdom.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message