Re: assimilating OpenBSD

On Wed, Feb 07, 2001 at 08:03:37AM -0500, Michael Stone wrote:
> On Wed, Feb 07, 2001 at 04:00:25AM -0900, Ethan Benson wrote:
> > statd has tcpwrappers support as of 0.2 or so.  (the version in
> > unstable does, potato's does not) 
> Shows how often I use nfs these days. :) I assume you're still screwed
> with lockd? And does this require another *specific* line in
> hosts.allow/deny?

yup your screwed with lockd, i don't see much of a way around that
since it appears to be a kernel thread and not a userland daemon (at
least on all my systems it seems that way..)  i got bit by statd
suddenly supporting tcpwrappers since i have the fascist ALL: ALL in
my hosts.deny. the line you need is:


for example.

its documented in the statd man page. 

i still am not convinced that it really works though, if i telnet to
the statd tcp port (found via rpcinfo -p localhost) from a machine NOT
listed in hosts.allow i don't get disconnected immediatly...  not very
scientific but then i don't really care too much since i don't have
this open to the outside world.  (any suggestions for a real test?) 

Ethan Benson

