tcp wrapper "mis-configuration"

tcp wrapper "mis-configuration"

Post by Lis » Wed, 11 Dec 2002 01:17:07



Hi All:

Our Solaris 8 machine has tcp_wrappers 7.6 installed using default
configuration.
I configured /etc/inet/inetd.conf and /etc/hosts.allow /etc/hosts.deny

Problem:
It refuses all connections when I activate /etc/hosts.deny. It seems
as if /etc/hosts.deny supercedes /etc/hosts.allow.

configuration:
I dont have an /etc/resolv.conf. The server resides in a "quarantine"
segment where only limited IP segments are allowed.

/etc/inet/inetd.conf
#ftp    stream  tcp6    nowait  root    /usr/sbin/in.ftpd      
in.ftpd
ftp     stream  tcp6    nowait  root    /usr/local/bin/tcpd    
in.ftpd
#telnet stream  tcp6    nowait  root    /usr/sbin/in.telnetd  
in.telnetd
telnet  stream  tcp6    nowait  root    /usr/local/bin/tcpd    
in.telnetd
#

/etc/hosts.allow
ALL: 192.168., 120.251., 136.145., 10.156.

/etc/hosts.deny
in.ftpd: ALL
in.telnetd: ALL
in.rshd: ALL

Output of tcpdchk -v:
:/etc>tcpdchk -v
Using network configuration file: /etc/inet/inetd.conf

Quote:>>> Rule /etc/hosts.allow line 1:

daemons:  ALL
clients:  192.168. 120.251. 136.145. 10.156.
access:   granted

Quote:>>> Rule /etc/hosts.deny line 1:

daemons:  in.ftpd
clients:  ALL
access:   denied

Quote:>>> Rule /etc/hosts.deny line 2:

daemons:  in.telnetd
clients:  ALL
access:   denied

Quote:>>> Rule /etc/hosts.deny line 3:

daemons:  in.rshd
warning: /etc/hosts.deny, line 3: in.rshd: no such process name in
/etc/inet/inetd.conf
clients:  ALL
access:   denied

Will not being able to resolve names cause a problem?

Any help will be appreciated.
Thanks ALL!

 
 
 

tcp wrapper "mis-configuration"

Post by Casper H.S. Di » Wed, 11 Dec 2002 09:25:32



>Our Solaris 8 machine has tcp_wrappers 7.6 installed using default
>configuration.

The IPv6 capable version?

What errors are logged?

Casper