Re: help: tcpwrappers aren't working!!
On Sun, 2001-12-02 at 14:41, Peter Jay Salzman wrote:
> mike, thank you!
>
> begin: Michael Heldebrant <hmike@portalofevil.com> quote
> > On Sun, 2001-12-02 at 12:22, Peter Jay Salzman wrote:
> > > begin: Peter Jay Salzman <p@dirac.org> quote
> >
> > Have you restarted inetd after changing your hosts files? Have you also
> > killed any reamining cvspserver processes after reloading inetd?
>
> i did. and just to make ABSOLUTELY sure, i did the unthinkable. i rebooted
> after weeks of uptime. *sigh*. i can still access the pserver from
> belial.ucdavis.edu
>
> > Does cvspserver try and run it's own standalone daemon from any
> > scripts? netstat -atp as root should show that inetd is listening for
> > the cvsperver ports, if it's not then you know it's starting from
> > somewhere else.
>
> cute. i never knew about the p switch.
>
> unfortunately, pserver is being run from inetd:
>
> Local Address Foreign Address State PID/Program name
> *:cvspserver *:* LISTEN 178/inetd
> *:printer *:* LISTEN 182/lpd
> *:time *:* LISTEN 178/inetd
> *:finger *:* LISTEN 178/inetd
> *:sunrpc *:* LISTEN 103/portmap
> *:x11 *:* LISTEN 276/X
> *:www *:* LISTEN 211/apache
> *:ftp *:* LISTEN 178/inetd
> *:ssh *:* LISTEN 191/sshd
> *:smtp *:* LISTEN 178/inetd
> satan.diablo.loca:32771 belial.ucdavis.edu:ssh ESTABLISHED 300/ssh
That's ... interesting, have you looked at the output of tcpdchk -v for
possible errors in the hosts files? It should also explain in great
detail the access control for cvspserver.
The only other thing I can think of is to look at syslog for messages
relating to inetd, tcpd, and csvpserver.
Perhaps a dumb question, but what does your DNS have to say about
belials ip address and the reverse lookup?
--mike
Reply to: