Hi ! I start my pop-server popper over the inetd with the tcpwrapper and want to deny every connection except the local network. I know about all the other possibilities but now I want to know how exactly the wrapper works. I wanted tested it by denying everything; I tried following in hosts.deny; pop2: ALL pop3: ALL popper: ALL pop2: ALL: DENY pop3: ALL: DENY and so on. but nothing seems to work. I still can connect to popper. I wrap the connection definitly through the tcpd. Syntaxerrors in hosts.deny are mentioned in the syslog if there are some and a pop-connections comes in. I deleted hosts.allow. No file in ~ that could overwrite hosts.deny. Why is the connections accepted ? Thx. Matthias Compositiv EDV- und Kommunikationslösungen, PC-Service Matthias Krawen Peiffersweg 9 22307 Hamburg Tel: 040 / 611 673 - 40 EMail: info@compositiv.de Fax: 040 / 611 673 - 41 http://www.compositiv.de
Matthias Krawen wrote:
Hi !
I start my pop-server popper over the inetd with the tcpwrapper and want to deny every connection except the local network. I know about all the other possibilities but now I want to know how exactly the wrapper works.
I wanted tested it by denying everything; I tried following in hosts.deny;
pop2: ALL pop3: ALL popper: ALL
pop2: ALL: DENY pop3: ALL: DENY
Put ALL:ALL in hosts.deny then put ALL:192.168 <-- 'internet class here' in your hosts.allow file. you do have syntax errors in your hosts.deny, pop2: ALL: DENY? thats in your hosts.deny so the 'DENY' part is not nessesary. good luck =o) btw, xinetd can beat bind services to a specific interface =o) -- Jason Fruge' | Maternity pay? Now every Tom, Dick geocajun@technogeeks.org | and Harry will get pregnant. -- Linux, the choice | Malcolm Smith of a GNU generation. |
participants (2)
-
Jason Fruge
-
Matthias Krawen