Hi Mark,

Hmmm, that's interesting.  My definition for "sendmail" in inetd.conf is
commented out, does sendmail start as part of the imap package?  I think it
does (been a long time since I looked), and imap starts with the "tcpd"
invocation (ftp, telnet and several others do as well).  When I check my
mail log (/var/log/mail) I can definitely see the hosts in /etc/hosts.deny
being blocked by tcpwrappers.  Here is an example:

Jul  8 18:14:41 linux sendmail[5070]: h68MEaPK005070: tcpwrappers (unknown,
80.148.20.0) rejection

So it appears that sendmail is using tcpwrappers.

Is the CIDR addressing format supported for /etc/hosts.deny in SuSE 8?

Michael Coffin, VM Systems Programmer 
Internal Revenue Service - Room�6030 
1111 Constitution Avenue, N.W. 
Washington, D.C.� 20224 

Voice: (202)�927-4188�� FAX:� (202) 622-6726
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>  



-----Original Message-----
From: Post, Mark K [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, July 08, 2003 3:46 PM
To: [EMAIL PROTECTED]
Subject: Re: SuSE 8 /etc/hosts.deny and CIDR


Michael,

Is your SMTP server actually _using_ tcpwrappers?  Most of them do not.  You
would have to be starting it like this:
        /usr/sbin/tcpd  /path/to/your/smtpdaemon

Mark Post

-----Original Message-----
From: Coffin Michael C [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 08, 2003 11:18 AM
To: [EMAIL PROTECTED]
Subject: SuSE 8 /etc/hosts.deny and CIDR


Hi Folks,

Can you use CIDR addressing in /etc/hosts.deny?  This is SuSE 8 by the way.

I've got a statement in hosts.deny which reads:

ALL: 192.168.0.0/18

to reject everything from 192.168. (actual IP's are different) but an IP
address in that range was allowed to connect to my SMTP server.  Shouldn't
tcpwrappers have blocked it? Michael Coffin, VM Systems Programmer Internal
Revenue Service - Room 6030 1111 Constitution Avenue, N.W. Washington, D.C.
20224
Voice: (202) 927-4188   FAX:  (202) 622-6726
[EMAIL PROTECTED]

Reply via email to