On Tue, 11 May 1999, Wilson Fletcher wrote:
1) Make sure tcp-wrappers are installed. Mine were I'm using RedHat 5.1
with kernel 2.034
they are.
2) You must modify your inetd.conf as specified in the FAQ. I used inetd I
did not use TCP wrappers
I made all the changes necessary as you could see in my previous message.
3) You must edit your hosts.allow as indicated in your email. Try putting
the IP of your computer only just to test it.
I'll try that but it should work with multiple hosts, too.
4) Correct me if I'm wrong but if you put "all: all: deny" into
/etc/hosts/deny aren't you denying all services ? My hosts.deny is empty.
Nope, access is granted when hosts.deny contains "all: all: deny" AND
hosts.allow contains "all: 127.0.0.1: allow". That's the way it works with
other daemons. I tried also with and empty hosts.deny file, no success.
5) I still had problems and so I restarted the Linux box (call me a
philistine). After that all was OK. (ie. I didn't have success in getting
it to register the changes to hosts.allow without restarting.)
Booting was unnecessary. hosts.{allow, deny} are read every time tcpd is
executed ie. when a daemon is started by inetd. So the changes take place
right away.
Anyway, back to my problem.
Has anyone succesfully configured selective relay with tcp_wrappers ??
Or do I have to install tcpserver ??
The problem is that I can't make qmail accept relayclients.
I did everything like they say in Qmail FAQ #5.4 but qmail-smtpd still
rejects any relay attempts. I get messages saing the domain is not listed
in rcpthosts. And I thought setting RELAYCLIENT would cause
qmail-smtpd to relay without reading rcpthosts... Do I have to recompile
tcp_wrappers or something ??
However, there seems to be something odd in the way qmail-smtpd
behaves: After putting "all: all:deny" into /etc/hosts.deny
(/etc/hosts.allow still contained the line "tcp-env: etc...") port 25
refused to answer at all. It didn't answer even if put "tcp-env: all:
allow" in /etc/hosts.allow. Weird.
some conf files:
---8---
/etc/hosts.allow:
ALL: 127.0.0.1, 192.168.0.0/255.255.255.0 : allow
tcp-env: 127.0.0.1, 192.168.0.1, 192.168.0.2: setenv RELAYCLIENT
# tried also:
# tcp-env: 127.0.0.1, 192.168.0.1, 192.168.0.2: setenv = RELAYCLIENT
# tcp-env: 127.0.0.1, 192.168.0.1, 192.168.0.2: setenv = RELAYCLIENT ""
# tcp-env: 127.0.0.1, 192.168.0.1, 192.168.0.2: setenv RELAYCLIENT ""
---8---
/etc/hosts.deny:
#ALL: ALL: deny
---8---
/etc/inetd.conf:
smtpstream tcp nowait qmaild /usr/sbin/tcpd
/var/qmail/bin/tcp-env /var/qmail/bin/qmail-smtpd
---8---
my system:
AMD K6@233 / Linux 2.2.7 / RedHat 6.0
qmail-1.03 (compiled from sources)
tcp_wrappers-7.6-7 (i386 rpm binary)
--
Jari Tenhunen - [EMAIL PROTECTED]
Stardate [-30]2961.86
