Re: CVS trouble (was Re: Large changes to debian-cd => please test ! )
On 2000-05-22 at 11:06 +0200, Raphael Hertzog wrote:
> Le Mon, May 22, 2000 at 08:48:26AM +0200, Didier Chalm écrivait:
> > I got into the same trouble... :-( Does the CVS server make a reverse
> > DNS lookup ? My LAN is hidden behind a firewall and I can connect to
>
> I think so, Debian ships with the PARANOID option in /etc/hosts.deny ...
If this is what is going wrong, we have a bug in tcpd. How can we confirm
whether this is why I am being denied access to CVS? Who has access to
the logs on the Debian CVS server? The DNS for the machine I was using is
a little odd, but it should pass tcpd checks:
$ nslookup guardian.bilow.com
Server: localhost
Address: 127.0.0.1
Name: guardian.processinginnovations.com
Address: 207.51.126.2
Aliases: guardian.bilow.com
$ nslookup 207.51.126.2
Server: localhost
Address: 127.0.0.1
Name: guardian.bilow.com
Address: 207.51.126.2
$ nslookup guardian.processinginnovations.com
Server: localhost
Address: 127.0.0.1
Name: guardian.processinginnovations.com
Address: 207.51.126.2
Obviously, I could easily change the record so that GUARDIAN.BILOW.COM is
an A record rather than a CNAME record, but I did it this way originally
for a reason. Certainly, since the reverse is correct, this should pass
tcpd checks -- especially since the forward resolution adds nothing to
security in any way.
-- Mike
Reply to: