From owner-freebsd-stable Tue Jun 22 8: 1:20 1999 Delivered-To: freebsd-stable@freebsd.org Received: from noao.edu (noao.edu [140.252.1.54]) by hub.freebsd.org (Postfix) with ESMTP id BC89E14F3D for ; Tue, 22 Jun 1999 08:01:09 -0700 (PDT) (envelope-from grandi@noao.edu) Received: from mirfak.tuc.noao.edu (IDENT:grandi@mirfak.tuc.noao.edu [140.252.1.9]) by noao.edu (8.9.3/8.8.8/SAG-14Jan99) with ESMTP id IAA60527; Tue, 22 Jun 1999 08:01:03 -0700 (MST) (envelope-from grandi@noao.edu) Date: Tue, 22 Jun 1999 08:01:03 -0700 (MST) From: Steve Grandi X-Sender: grandi@mirfak.tuc.noao.edu To: John Saunders Cc: FreeBSD stable Subject: Re: inetd and libwrap issues In-Reply-To: <00e901bebc8c$e357ad90$6cb611cb@scitec.com.au> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG You have to use numerical IP addresses (or the wildcard ALL) in the /etc/hosts.allow entries dealing with portmap. For an explanation, checkout the comment concerning -DHOSTS_ACCESS at the beginning of /usr/src/usr.sbin/portmap/pmap_check.c Time to file a pr. Steve Grandi On Tue, 22 Jun 1999, John Saunders wrote: > I have just converted over from a tcp_wrappers system to one using > the internal libwrap'ed inetd. For the most part I have got the > thing to work. One annoyance is that changes to /etc/hosts.allow > don't get automatically used until inetd is killed and re-started. > Does a SIGHUP work here, the man page doesn't mention it? > > However I have come unstuck getting NFS to work. It seems that > portmap also has code to access libwrap. However I have tried > many combinations of hosts.allow lines and killing portmap, but > have not yet had it work. My log file says... > > Jun 22 17:12:56 XXXXX portmap[78016]: connect from XXX.XX.XXX.X to \ > getport(nfs): request from unauthorized host > > The hosts.allow line is... > > portmap : localhost XXXXX.domain YYYYY.domain : allow > > When I kill off portmap and re-start it, rpcinfo -p shows... > > root@XXXXX:/ {510} # rpcinfo -p > program vers proto port > 100000 2 tcp 111 portmapper > 100000 2 udp 111 portmapper > > So it appears to have lost the RPC registrations for mountd and > nfsd. > > So what is the correct way to get the system back up and working > after what should be (or was before) a trivial change to the > hosts.allow file? > > Cheers. > -- +------------------------------------------------------------+ > . | John Saunders - mailto:john@nlc.net.au (EMail) | > ,--_|\ | - http://www.nlc.net.au/ (WWW) | > / Oz \ | - 02-9489-4932 or 041-822-3814 (Phone) | > \_,--\_/ | NORTHLINK COMMUNICATIONS P/L - Supplying a professional, | > v | and above all friendly, internet connection service. | > +------------------------------------------------------------+ > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message > Steve Grandi, National Optical Astronomy Observatories/AURA Inc., Tucson AZ USA Internet: grandi@noao.edu Voice: +1 520 318-8228 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message