On Sat, Apr 17, 2004 at 11:35:50AM -0400, Jay Daniels wrote: > I cannot get xinetd and tcp wrappers hosts.allow and hosts.deny to work. > > /etc/hosts.allow > # > # hosts.allow This file describes the names of the hosts which are > # allowed to use the local INET services, as decided > # by the '/usr/sbin/tcpd' server. > # > > > ALL: LOCAL, 192.168.2.0/255.255.255.0, darkforce.darktech.org, my_static_ip_here > The LOCAL should not be there. > # allow ssh connection from dialup@myisp disabled until resolved. > #sshd: 209.164.234.0/255.255.255.0 > > /etc/hosts.deny > ALL: ALL > > > I have tried several combination in hosts.allow and restarted xinetd, > but when I have the above lines uncommented I cannot send any mail via > smtp port 25 from localhost! > > Any ideas? > > This may all be redundant since the firewall is suppose to block > specified connections to these ports, but I was thinking tcp wrappers > would add to the security? > > Also, I am still unclear how to edit /etc/hosts and my hosts file may > have something to do with it. > > $ cat /etc/hosts > # Do not remove the following line, or various programs > # that require network functionality will fail. > 127.0.0.1 localhost.localdomain localhost > 192.168.2.1 darkforce.darktech.org darkforce #me > 192.168.2.12 darkstar.darktech.org darkstar #my laptop > 64.246.60.114 cobra.python-hosting.com cobra #my hosting > > Should I have my gateway ip address in place of the 192.164.2.1? How > does tcp wrappers distinguish between eth0 and eth1? > > Note that I can leave hosts.allow and hosts.deny blank and all is > well, I can send mail from localhost, etc. > > Is this even necessary if my firewall is working properly by allowing > connections from my local net and blocking certain connections from my > inet interface? > > > > jay > > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list -- ------------------------------------------- Aaron Konstam Computer Science Trinity University One Trinity Place. San Antonio, TX 78212-7200 telephone: (210)-999-7484 email:akonstam@xxxxxxxxxxx
