Commit Graph

16 Commits

Author SHA1 Message Date
markm
ac1452ed35 Enable TCP_WRAPPERs for the NIS server. The protection afforded is
not massive, but usable.
2002-02-06 20:39:36 +00:00
dwmalone
0c4f6dc611 Clear up what the line "ALL : PARANOID : RFC931 20 : deny" means
to tcp wrappers. The description is a little long, but hopefully
accurate.
2001-08-18 14:22:52 +00:00
brian
cb2f1168d2 Fix a misleading comment
Submitted by:	Mark Knight <markk@knigma.org>
2001-05-02 09:29:20 +00:00
alex
5d0712d5d3 "Portmapper" -> "Rpcbind" in a comment. 2001-04-26 13:43:02 +00:00
alfred
a45654ed88 s/portmap/rpcbind
Pointed out by: Hajimu UMEMOTO <ume@mahoroba.org>
2001-03-20 21:02:39 +00:00
ume
b09b3120e9 Add some examples for IPv6 addresses.
PR:		conf/18614
Submitted by:	James Housley <jim@thehousleys.net>
2000-07-19 13:05:58 +00:00
sheldonh
a0597b6128 Add IP addresses to the rules required to "Allow anything from
localhost", since portmap(8) is included in "anything".

Submitted by:	Doug Barton <Doug@gorean.org>
2000-05-05 08:31:59 +00:00
cwt
c34ee5c602 Clarify the disposition of hosts.deny and provide a logically
consistent portmap example rule.
Reviewed by: obrien, markm
Obtained-good-ideas from: obrien
2000-03-28 17:28:56 +00:00
jkh
96a200fee3 The default rule in this file actually sent mail to root as its default
action when denying access to a service.  Unfortunately, this also makes
a dandy denial-of-service attack possible.  Change to just log the event
and shoot a "go away" response back down the socket.
2000-02-17 04:52:23 +00:00
obrien
39922b4fbe Fix English. Also use full spelling and reorg a little while I'm here.
Submitted by:	Andy Farkas <andyf@speednet.com.au>
2000-01-25 11:25:59 +00:00
obrien
68f9b25388 MFS: note that only IP addresses work when wrapping the portmapper.
Make clearer we consider this only an example, and admins should really
write this file for their needs.
1999-11-25 03:00:44 +00:00
peter
cdad5bae8c $Id$ -> $FreeBSD$ 1999-08-27 23:37:10 +00:00
sheldonh
42354f839f Add a sample entry for Exim, in preparation for the upcoming behaviour
change in the port, where TCP Wrapper support will become the default.

Requested by:	markm
1999-08-03 14:52:46 +00:00
obrien
ff73ed9a3c Use /usr/bin/finger rather than `safe_finger'. 1999-05-08 02:19:25 +00:00
markm
740ebe8328 Use more politically correct examples, and expand the examples a bit. 1999-04-08 19:08:53 +00:00
markm
3fbb024479 Add an example hosts.allow for the (base system) tcp_wrappers.
Anyone with good ideas for this is welcome to contribute.
1999-03-28 10:47:26 +00:00