[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Possible hosts.allow problem

On Wed, 29 Dec 1999, Carl Fink wrote:

carlf >In order to use IP-Masq I had to edit hosts.allow to accept
carlf >connections from my own other PC.  The only uncommented line there now
carlf >reads:
carlf >
carlf >ALL: LOCAL 198.168.1.*

ipmasq has nothing to do with tcp_wrappers, it is a firewalling and packet
forwarding/translation deal.  hosts.allow is pretty much used for things
listed in /etc/inetd.conf.


carlf >ALL: PARANOID
carlf >
carlf >Surely that should be blocking anything not on my local LAN.  What's
carlf >up?

that line blocks ALL incoming connections(or at least tries) to daemons in
/etc/inetd.conf from all hosts, no matter where they are. if what you are
trying to do is ipmasq that does not connect to any services on the linux
box only passes through the kernel's firewall rules.

nate


----------------------------------------[mailto:aphro@aphroland.org ]--
   Vice President Network Operations       http://www.firetrail.com/
  Firetrail Internet Services Limited      http://www.aphroland.org/
       Everett, WA 425-348-7336            http://www.linuxpowered.net/
            Powered By:                    http://comedy.aphroland.org/
    Debian 2.1 Linux 2.0.36 SMP            http://yahoo.aphroland.org/
-----------------------------------------[mailto:aphro@netquest.net ]--
11:30pm up 132 days, 11:24, 3 users, load average: 2.67, 2.40, 1.94
Reply to: