On Wed, Sep 20, 2000 at 06:13:39PM -0500, Brice Ruth wrote:
> This would make sense, wouldn't it? But, it doesn't work :(
>
> I'm using tcprulescheck with a file that looks like this:
>
> .domain.net:allow,RELAYHOST=" "
> :deny
>
> and the response I get from tcprulescheck with TCPREMOTEHOST set to
> host.domain.net is:
>
> rule :
> deny connection
>From the tcprules page on DJB's site:
tcpserver looks for rules with various addresses:
1) $TCPREMOTEINFO@$TCPREMOTEIP, if $TCPREMOTEINFO is set;
2) $TCPREMOTEINFO@=$TCPREMOTEHOST, if $TCPREMOTEINFO is set and
$TCPREMOTEHOST is set;
3) $TCPREMOTEIP;
4) =$TCPREMOTEHOST, if $TCPREMOTEHOST is set;
5) shorter and shorter prefixes of $TCPREMOTEIP ending with a dot;
6) shorter and shorter suffixes of $TCPREMOTEHOST starting with a dot,
preceded by =, if $TCPREMOTEHOST is set;
7) =, if $TCPREMOTEHOST is set; and finally
8) the empty string.
It sounds to me like you want #6.
Ben
--
Ben Beuchler [EMAIL PROTECTED]
MAILER-DAEMON (612) 321-9290 x101
Bitstream Underground www.bitstream.net