killerasp
03-31-2001, 05:33 PM
what do i need in hosts.allow to let localhost and ip. 123.456.789.101 in?
Click to See Complete Forum and Search --> : need help with hosts.allow
posterboy
03-31-2001, 06:08 PM
The format looks like this:
ALL: 127.0.0.1
ALL: somebox.domain.com
Ray
ALL: 127.0.0.1
ALL: somebox.domain.com
Ray
killerasp
03-31-2001, 06:57 PM
do i need to put in the second line?
bdg1983
04-01-2001, 06:43 AM
You can put in anything you like. I think the hosts.deny is read first and then hosts.allow. Configure accordingly.
'man hosts.allow' and 'man hosts.deny' should give you all you need and the correct syntax to allow ip's.
'man hosts.allow' and 'man hosts.deny' should give you all you need and the correct syntax to allow ip's.
bdl
04-01-2001, 12:44 PM
Actually, it's 'man 5 hosts_access' or just 'man hosts_access'. Your hosts.allow files should look like this:
# /etc/hosts.allow
ALL: LOCAL EXCEPT PARANOID
ALL: 123.456.789.101/netmask
## where netmask is your IP's netmask, whether its 255.255.255.0 or other.
Your /etc/hosts.deny file should contain at least:
ALL: ALL
...this will deny all other matches not found in hosts.allow. Luck!
PS: I should mention that you can list only the services you want allowed to only the hosts you want allowed, so for example, if the IP you gave only needs shell access and you still want to limit all other services (which is a good idea, only allow what is absolutely necessary) you could do so like this:
## another example /etc/hosts.allow
in.telnetd: 123.456.789.101/netmask
... and so on.
[ 01 April 2001: Message edited by: bdl ]
# /etc/hosts.allow
ALL: LOCAL EXCEPT PARANOID
ALL: 123.456.789.101/netmask
## where netmask is your IP's netmask, whether its 255.255.255.0 or other.
Your /etc/hosts.deny file should contain at least:
ALL: ALL
...this will deny all other matches not found in hosts.allow. Luck!
PS: I should mention that you can list only the services you want allowed to only the hosts you want allowed, so for example, if the IP you gave only needs shell access and you still want to limit all other services (which is a good idea, only allow what is absolutely necessary) you could do so like this:
## another example /etc/hosts.allow
in.telnetd: 123.456.789.101/netmask
... and so on.
[ 01 April 2001: Message edited by: bdl ]
bdg1983
04-01-2001, 05:39 PM
One of them should work...
I'm sure I've used 'man host.allow or deny' previously which also suggest the other man pages.
The point is, read the man pages.
I'm sure I've used 'man host.allow or deny' previously which also suggest the other man pages.
The point is, read the man pages.
justlinux.com
Copyright Internet.com Inc. All Rights Reserved.
Copyright Internet.com Inc. All Rights Reserved.