On Mon, Apr 09, 2001 at 12:46:49AM +0200, Mario Vukelic wrote: > On 08 Apr 2001 14:33:20 -0800, Ethan Benson wrote: > > > yes he does, portmap in debian uses tcpwrappers without being run from > > inetd (which is impossible for portmap). > > Ethan Benson, you're my hero. I've been searching for this info for > hours now. All I need now is that you tell me that this ... > > sonic:/etc/init.d# tcpdchk > warning: /etc/hosts.allow, line 14: portmap: service possibly not > wrapped > warning: /etc/hosts.allow, line 15: mountd: no such process name in > /etc/inetd.conf > warning: /etc/hosts.allow, line 16: lockd: no such process name in > /etc/inetd.conf > warning: /etc/hosts.allow, line 17: statd: no such process name in > /etc/inetd.conf > sonic:/etc/init.d# these are warnings not errors, ignore them. > ... is ok. I have those in hosts.allow/deny (there is another mail in > thew current thread that details my setup, if you care), but somehow > wasn't sure if the libwrap stuff really is the way I believed it is > > Any comments appreciated portmap rules must use the ip address not a hostmask. since dns lookup isn't possible with portmap. (in some setups you need to contact the portmapper to do a dns lookup, so if dns is required to access portmapper you get into a catch-22). -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgptTbKtXYfxm.pgp
Description: PGP signature