RE: xinetd and hosts.allow

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

If you want to allow your local network (and local system) to use all the
services on your server, but also prevent all untrusted systems, then you
could use this syntax in your /etc/hosts.allow file:

ALL: EXCEPT 127.0.0.1,192.168.2. :DENY

This assumes that all the systems in your network are in the 192.168.2
network.

You will also need to delete the /etc/hosts.deny file so that it does not
conflict with what you are specifying in the /etc/hosts.allow file.

Tom

-----Original Message-----
From: fedora-list-bounces@xxxxxxxxxx
[mailto:fedora-list-bounces@xxxxxxxxxx] On Behalf Of Jay Daniels
Sent: Sunday, April 18, 2004 12:56 AM
To: For users of Fedora Core releases
Subject: Re: xinetd and hosts.allow


On Sat, Apr 17, 2004 at 07:45:58PM -0500, Thomas Amwoza wrote:
> It makes it easier, to me anyhow, to specify everything in one file 
> using that syntax.  You can say ALLOW, or DENY in the third column and 
> eliminate the need for a separate hosts.deny file.  You can read more 
> about it by typing "man hosts_options" at a terminal prompt.
>
> Tom
>


So I should put DENY at the end instead of ALLOW?


jay


> -----Original Message-----
> From: fedora-list-bounces@xxxxxxxxxx 
> [mailto:fedora-list-bounces@xxxxxxxxxx] On Behalf Of Aaron Konstam
> Sent: Saturday, April 17, 2004 6:38 PM
> To: For users of Fedora Core releases
> Subject: Re: xinetd and hosts.allow
>
>
> On Sat, Apr 17, 2004 at 11:10:46AM -0500, Thomas Amwoza wrote:
> > Delete the /etc/hosts.deny file (or rename it hosts.deny.bak) and 
> > use this syntax in the /etc/hosts.allow file:
> >
> > ALL: LOCAL, 192.168.2.0/255.255.255.0, darkforce.darktech.org, 
> > my_static_ip_here : ALLOW
> >
> >
> > Tom
> I have never sen that syntax with :ALLOW That seems wrong.
> --
> -------------------------------------------
> Aaron Konstam
> Computer Science
> Trinity University
> One Trinity Place.
> San Antonio, TX 78212-7200
>
> telephone: (210)-999-7484
> email:akonstam@xxxxxxxxxxx
>
>
> --
> fedora-list mailing list
> fedora-list@xxxxxxxxxx
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>
> ---





--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list

Attachment: smime.p7s
Description: S/MIME cryptographic signature

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux