search for: hosts_access

...+ char fwd[80]; + void (*sigch) (int); + int res; + struct request_info req; + + snprintf(fwd, sizeof(fwd), "sshdfwd-%d", c->host_port); + request_init(&req, RQ_DAEMON, fwd, RQ_FILE, newsock, NULL); + fromhost(&req); + sigch = signal(SIGCHLD, SIG_DFL); + res = hosts_access(&req); + signal(SIGCHLD, sigch); + if (!res) { + packet_send_debug("refused forwarded connection from %.500s to local port %d.", + eval_client(&req), c->host_port); + error("forwarded connection from %.500s to local port %d refused.", + eval_...

I am unable to get 2.0.beta4 to compile. I get the following errors: /usr/lib64/gcc/x86_64-slackware-linux/4.3.3/../../../../lib64/libwrap.a(hosts_access.o): In function `host_match': hosts_access.c:(.text+0x625): undefined reference to `yp_get_default_domain' collect2: ld returned 1 exit status make[3]: *** [tcpwrap] Error 1 make[3]: Leaving directory `/root/dovecot/dovecot-2.0.beta4/src/util' make[2]: *** [all-recursive] Error 1 make[2...

Hi thanks Roger. Well I'm just using Ubuntu Server 16.04 LTS I only ran that command as a few guides say that's how to establish if a daemon is compiled with tcp wrappers: https://www.cyberciti.biz/faq/tcp-wrappers-hosts-allow-deny-tutorial/ I haven't really used TCP wrappers before so I'm not even sure if my hosts.allow entries are correct: upsd : ipaddressofclientgoeshere ups

hey folks, I keep seeing this on the internet "The user name lookup feature of TCP Wrappers uses identd to identify the username of the remote host. By default, this feature is disabled, as identd may appear hung when there are a large number of TCP connections." but I cant seem to find out how/where to enable said feature. Jason

...in abort () from /usr/lib/libc_r.so.4 #2 0x2813b266 in pthread_exit () from /usr/lib/libc_r.so.4 #3 0x280fbf0a in _longjmp () from /usr/lib/libc_r.so.4 #4 0x2809ef2f in process_options () from /usr/lib/libwrap.so.3 #5 0x2809eeef in process_options () from /usr/lib/libwrap.so.3 #6 0x2809fe01 in hosts_access () from /usr/lib/libwrap.so.3 #7 0x2809fbc8 in hosts_access () from /usr/lib/libwrap.so.3 #8 0x805a91f in getsockname () #9 0x8050a39 in getsockname () #10 0x804ac4c in getsockname () #11 0x8049ebb in getsockname () #12 0x8049d2a in getsockname () #13 0x8049c21 in getsockname () (gdb) Any ideas...

...ot;; +#endif fd = net_accept(LOGIN_LISTEN_FD, &remote_ip, &remote_port); if (fd < 0) { @@ -77,6 +88,17 @@ return; } +#ifdef LIBWRAP + strlcat(daemon, login_protocol, sizeof(daemon)); + request_init(&req, RQ_DAEMON, daemon, RQ_FILE, fd, NULL); + fromhost(&req); + if (!hosts_access(&req)) { + i_info("libwrap: access denied"); + net_disconnect(fd); + return; + } +#endif + if (net_getsockname(fd, &local_ip, &local_port) < 0) { memset(&local_ip, 0, sizeof(local_ip)); local_port = 0; @@ -99,6 +121,10 @@ struct client *client; struct ssl...

Is there anyway to specify a range of IP addresses such as 128.1.10.11 to 128.1.10.29 in this parameter ? I cannot find the man page for hosts_access(5) as mentioned in the smb.conf documentation. Thanks Robert

...lssh -lopenbsd-compat -lwrap -lz -lsocket -lnsl -lcrypto Undefined first referenced symbol in file method_kbdint auth2.o getipnodebyname ./libwrap.a(misc.o) inet_pton ./libwrap.a(hosts_access.o) inet_ntop ./libwrap.a(socket.o) freehostent ./libwrap.a(misc.o) ld: fatal: Symbol referencing errors. No output written to sshd collect2: ld returned 1 exit status *** Error code 1 make: Fatal error: Command failed for target `sshd' I am att...

Hi, I am using nsd as my authority-only dns servers and find it fast, stable, reliable - all of the design goals you set out for, great. I have a zone that is intended only to be visible to people on my network. In bind I would enforce this with an 'allow-query' configuration directive. I checked the latest 'nsd-for-bind-users' document, and 'allow-query' is not

...> >so I get a trace of what happens, at least during testing. > >> ups : monuser at 127.0.0.1/32 monuser at masterstaticIP >monuser at slavestaticIP > >I'm not sure what you are trying to do here. In any case, the >daemon_list should specify upsd, not ups. See man 5 hosts_access. > >Rogr > >_______________________________________________ >Nut-upsuser mailing list >Nut-upsuser at lists.alioth.debian.org >http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/nut-upsuser -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ---------...

...at HP-Opreon:/# upscmd PowerWalker at localhost test.battery.start.deep Username (root): admin Password: Unexpected response from upsd: ERR ACCESS-DENIED /etc/hosts.allow: <code> # /etc/hosts.allow: list of hosts that are allowed to access the system. # See the manual pages hosts_access(5) and hosts_options(5). # # Example: ALL: LOCAL @some_netgroup # ALL: .foobar.edu EXCEPT terminalserver.foobar.edu # # If you're going to protect the portmapper use the name "rpcbind" for the # daemon name. See rpcbind(8) and rpc.mountd(8) for further information. # u...

Greetings everyone.... I tried posting this once before, but got no response. When I run liveice, I get an "Error:sending data to remote server message" from liveice, and then it hangs (I actually have to open another console window to kill the process). The IceCast server respond with the following: Kicking source 1 [127.0.0.1] [Access Denied (tcp wrappers (source connection))]

Hi. Is there any way to limit access to dovecot by domains. I only need to give access to a well known set of domains, all from Australia and all networks are known and used either from people at home or mobile access (phones, laptops etc). iptables is not possible as e.g. OPTUS does not give away all of the networks mobile phones are connected to. I know some, but not all. It would be much

...edomain) & : DENY so I get a trace of what happens, at least during testing. > ups : monuser at 127.0.0.1/32 monuser at masterstaticIP monuser at slavestaticIP I'm not sure what you are trying to do here. In any case, the daemon_list should specify upsd, not ups. See man 5 hosts_access. Rogr

On 10/14/2015 11:39 AM, Jason Welsh wrote: > but I cant seem to find out how/where to enable said feature. See the man pages for hosts_options and hosts_access. It is rare for systems to support RFC 931 and common for firewalls to drop requests (creating long delays in connections), so user name lookup is probably only useful within a private network of systems that you control, on which you have enabled identd on each client system.

http://bugzilla.mindrot.org/show_bug.cgi?id=948 Summary: high CPU in sshd after tcp_wrappers deny Product: Portable OpenSSH Version: 3.9p1 Platform: Sparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy:

...key |collect2: ld returned 1 exit status |configure: failed program was: |#line 6346 "configure" |#include "confdefs.h" |#include <tcpd.h> | int deny_severity = 0, allow_severity = |0; |int main() { |hosts_access(0); |; return 0; } So not libwrap is missing but instead the skey library. Please change the configure error message to contain the right information. Thanks. Ciao Christian -- Debian Developer and Quality Assurance Team Member 1024/26CC7853 31E6 A8CA 68FC 284F 7D16 63EC A9E6...

....o session.o -L. -L/usr/lib -L/usr -lssh -lopenbsd-compat -ldl -lnsl -lz -lutil -lpam -lcrypto sshd.o: In function `main': sshd.o(.text+0x16f0): undefined reference to `request_init' sshd.o(.text+0x16f9): undefined reference to `sock_host' sshd.o(.text+0x16ff): undefined reference to `hosts_access' sshd.o(.text+0x171e): undefined reference to `refuse' collect2: ld returned 1 exit status make: *** [sshd] Error 1 Please feel free to contact me for any information about my system you may need. Generic info as follows: Dual-PPro 200 192 MB RAM 40 GIGS of drive space, plenty...

Hello, I have just found little bug in OpenSSH's tcp_wrappers handling. In file sshd.c you can find: if (!hosts_access(&req)) { close(sock_in); close(sock_out); refuse(&req); } If username was not requierd for authorization (for example you are refusing all connection from specific host) refuse will return "sshd: re...

...Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: jap3003+opensshbugs at ksu.edu sshd does not log connections that succeed the hosts_access() function. Failed connections are logged in tcp wrappers [via refuse()], but special care must be taken to log connections that succeed. It's not a show-stopper, since other, more detailed logging mechanisms exist, but it'd be a nice thing to have, since it shows that the allowed connect...