24 Commits

Author SHA1 Message Date
mav
1e800dd8ab Disable libwrap (TCP wrappers) support in rpcbind by default, introducing
new command line options -W, to enable it when needed.

On my tests this change by almost ten times improves rpcbind performance.

No objections:	many, net@
2014-03-06 17:33:27 +00:00
ru
fbc656e8b0 Comment out lines that use example addresses and example.com names so
that local changes can be made more easily (without having to comment
these lines, and making the diff more readable).
2006-08-29 09:20:48 +00:00
csjp
6a0be273a2 Since NIS is an RPC based service, add a note that when adjusting access
controls in NIS, similar access controls should be considered for the
rpcbind as well.
2006-06-01 14:14:58 +00:00
ru
388e590f95 Reimplementation of world/kernel build options. For details, see:
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by:	imp, jhb, kris, phk, ru (all bugs are mine)
2006-03-17 18:54:44 +00:00
ume
1372d441b5 The libwrap built with NO_INET6=yes cannot parse an IPv6 address.
So, mention it in comment.

Submitted by:	Dmitry Morozovsky <marck__at__rinet.ru>
MFC after:	2 days
2006-02-16 14:46:03 +00:00
ume
aedc433cf3 Use RFC 3849 address for examples.
Pointed out by:	mistral@imasy.or.jp
MFC after:	1 week
2004-08-03 08:58:34 +00:00
ume
5a48e6bc9f allow ::1 explicitly.
Pointed out by:	mistral@imasy.or.jp
MFC after:	1 week
2004-08-03 08:47:35 +00:00
schweikh
91f34482ca Removed whitespace at BOF, EOL & EOF. 2004-06-06 11:46:29 +00:00
markm
5351d0d669 Enable TCP_WRAPPERs for the NIS server. The protection afforded is
not massive, but usable.
2002-02-06 20:39:36 +00:00
dwmalone
4449dfd727 Clear up what the line "ALL : PARANOID : RFC931 20 : deny" means
to tcp wrappers. The description is a little long, but hopefully
accurate.
2001-08-18 14:22:52 +00:00
brian
b9667fbcd9 Fix a misleading comment
Submitted by:	Mark Knight <markk@knigma.org>
2001-05-02 09:29:20 +00:00
alex
4a1ef867b2 "Portmapper" -> "Rpcbind" in a comment. 2001-04-26 13:43:02 +00:00
alfred
1a9d157324 s/portmap/rpcbind
Pointed out by: Hajimu UMEMOTO <ume@mahoroba.org>
2001-03-20 21:02:39 +00:00
ume
2988979ab5 Add some examples for IPv6 addresses.
PR:		conf/18614
Submitted by:	James Housley <jim@thehousleys.net>
2000-07-19 13:05:58 +00:00
sheldonh
d23c57bbfd Add IP addresses to the rules required to "Allow anything from
localhost", since portmap(8) is included in "anything".

Submitted by:	Doug Barton <Doug@gorean.org>
2000-05-05 08:31:59 +00:00
cwt
25904dc02e Clarify the disposition of hosts.deny and provide a logically
consistent portmap example rule.
Reviewed by: obrien, markm
Obtained-good-ideas from: obrien
2000-03-28 17:28:56 +00:00
jkh
9c75578bb8 The default rule in this file actually sent mail to root as its default
action when denying access to a service.  Unfortunately, this also makes
a dandy denial-of-service attack possible.  Change to just log the event
and shoot a "go away" response back down the socket.
2000-02-17 04:52:23 +00:00
obrien
fffe75d935 Fix English. Also use full spelling and reorg a little while I'm here.
Submitted by:	Andy Farkas <andyf@speednet.com.au>
2000-01-25 11:25:59 +00:00
obrien
bc55786850 MFS: note that only IP addresses work when wrapping the portmapper.
Make clearer we consider this only an example, and admins should really
write this file for their needs.
1999-11-25 03:00:44 +00:00
peter
289c0d262f $Id$ -> $FreeBSD$ 1999-08-27 23:37:10 +00:00
sheldonh
28565e43c2 Add a sample entry for Exim, in preparation for the upcoming behaviour
change in the port, where TCP Wrapper support will become the default.

Requested by:	markm
1999-08-03 14:52:46 +00:00
obrien
2ec87bd360 Use /usr/bin/finger rather than `safe_finger'. 1999-05-08 02:19:25 +00:00
markm
dbf9f08c56 Use more politically correct examples, and expand the examples a bit. 1999-04-08 19:08:53 +00:00
markm
6cbcd29274 Add an example hosts.allow for the (base system) tcp_wrappers.
Anyone with good ideas for this is welcome to contribute.
1999-03-28 10:47:26 +00:00