Confused about tcp_wrappers and sshd
STYMA, ROBERT E (ROBERT)
stymar at lucent.com
Thu Sep 8 19:58:27 UTC 2005
>
> > /etc/hosts.allow and /etc/hosts.deny files.
> I just wanted to ask for a string for every of these both files that
> would serve the purposes these files are for. - As i read its mans and
> didn't get how to that myself...
> --
------------------ start ----------------------------
#
# hosts.deny This file describes the names of the hosts which are
# *not* allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow. In particular
# you should know that NFS uses portmap!
ALL: ALL
--------------------end --------------------------
The above /etc/hosts.deny file says deny everything which is
not specifically allowed in /etc hosts.allow
------------------ start ----------------------------
#
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
desoto
ALL: 123.123.36.72
ALL: 123.123.36.177
ALL: 127.0.0.1
ALL: 123.123.22.*
--------------------end --------------------------
The above hosts.allow file allows a node named desoto and
two nodes known by their IP address in. Also the loopback
is allowed so you can talk to yourself. Desoto can be
in your /etc/hosts. It also allows any node on the 123.123.22
subnet in.
More information about the fedora-list
mailing list