Hi Paul, Scott, > Actually, if I remember correctly, the tcp wrapper library can check > a directory in etc as well, so a package like p9100 could create an > /etc/hosts.allow.d/p9100 file (don't recall the exact > path). > AFAIK this is not possible (at least I couldn't find any traces of it in the source or the man pages).
> Frankly, though, tcpwrappers is really obsolete and redundant. I > realize that some folks wouldn't use ipfilter, but almost everyone else > does. Why have tcpwrappers and ipfilter. Make the default to allow. > Not enterily, (quote:) tcpwrappers intercepts the connection attempt, then examines its configurations files, and decides whether to accept or reject the request. Tcpwrappers controls access at the application level, rather than the socket level like iptables. I do like Scott's suggestion as an intermediate solution for this. Eric > > On Jan 30, 2007, at 4:54 PM, groups, freeman wrote: > > >> Eric Faden wrote: >> >>> Found it..... hosts.allow. >>> >>> >>> -Eric >>> >>> >> Wow. >> >> >> I went thorough the same painful discovery of hosts.allow as did Eric >> (for me it was p9100). At the time I posted about this issue and made >> some suggestions but nothing was agreed upon between all we various >> opinions :) Perhaps with a another victim and the new configdb a >> suitable adjustment can be made to minimize the likelihood of someone >> else consuming hours to discover the 'reach' of hosts.allow. >> >> >> So...since packages no longer own particular config files (i.e. the >> config data is stored in a single location, regardless of the package/s >> that requires it) could a *menu option* be added to p9100.lrp, pptp.lrp >> and whatever other packages are known to be impacted by hosts.allow, >> that permits editing of the hosts.allow file?. (Call it a hint to the >> user that hosts.allow is important to the package they are configuring). >> >> >> Thoughts? >> >> >> scott >> >> ---------------------------------------------------------------------- >> --- >> Take Surveys. Earn Cash. Influence the Future of IT >> Join SourceForge.net's Techsay panel and you'll get the chance to >> share your opinions on IT & business topics through brief surveys - and >> earn cash http://www.techsay.com/default.php? >> page=join.php&p=sourceforge&CID=DEVDEV >> ---------------------------------------------------------------------- >> -- >> leaf-user mailing list: leaf-user@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/leaf-user >> Support Request -- http://leaf-project.org/ >> > > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share > your opinions on IT & business topics through brief surveys - and earn > cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > ------------------------------------------------------------------------ > leaf-user mailing list: leaf-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/leaf-user > Support Request -- http://leaf-project.org/ > > ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
