Re: [SLUG] TCP Wrapper error.

Thu, 07 Dec 2000 16:55:32 -0800 

Hi,

I made a post yesterday on two probs in getting tcpwrappers
working.
Prob 1 on my Linux box was getting a script fired off when a
rule was encountered: solved by Mathew.
Prob 2 was my IRIX box is not letting my Linux box in. Still
not solved but have done lots more checking.

I have used tcpchk and tcpmatch to check my hosts.allow and
hosts.deny against inetd.conf and it all reports OK. In the
example below 100.10.10. is not my real ip addr.

/etc/hosts.allow
        telnetd : 100.10.10.16  

/etc/hosts.deny
        ALL : ALL

In inetd.conf we have:
        telnet  stream  tcp     nowait  root    /usr/sbin/tcpd
telnetd
(the daemons live in /etc/sbin and are called this not
in.telnetd )

If I have in hosts.allow the line ALL : LOCAL then I can
connect as the logs show:
Dec  8 11:38:39 6C:mol telnetd[1070]: connect from
mylinuxbox
Dec  8 11:38:45 6E:mol login[1072]: ?@mylinuxbox as mikel

If I dont have ALL : LOCAL (and I dont want it) the logs
give:

Dec  8 11:58:50 6D:mol inetd[204]: received SIGHUP:
reconfiguring
...and when i try to connect by telnetting from my Linux box
....
Dec  8 11:32:16 4C:mol telnetd[1048]: refused connect from
mylinuxbox

"tcpdchk -v" gives...
>>> Rule /etc/hosts.allow line 6:
daemons:  telnetd
clients:  100.10.10.16
access:   granted

and tcpdmatch 
/etc# tcpdmatch telnetd mylinuxbox
client:   hostname mylinuxbox
client:   address  255.255.255.255
server:   process  telnetd
matched:  /etc/hosts.allow line 5
access:   granted

/etc# tcpdmatch telnetd 100.10.10.16
client:   address  100.10.10.16
server:   process  telnetd
matched:  /etc/hosts.allow line 6
access:   granted

So it looks like tcpwrappers SHOULD be letting in my Linux
box to the IRIX but it won't.
My guess is that the rule in hosts allow to allow mylinuxbox
in is not being met and the hosts.deny is catching it.
Any help appreciated.

Mike
-- 
--------------------------------------------------------------------
Michael Lake
University of Technology, Sydney
Email: mailto:[EMAIL PROTECTED] Ph: 02 9514 1724 Fx: 02
9514 1628 
URL: http://www.science.uts.edu.au/~michael-lake/
Linux enthusiast, active caver and interested in anything
technical.
--------------------------------------------------------------------


-- 
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug

Reply via email to