[prev in list] [next in list] [prev in thread] [next in thread] 

List:       inn-workers
Subject:    Re: using innd with tcp_wrappers
From:       Russ Allbery <rra () stanford ! edu>
Date:       2007-03-14 15:41:07
Message-ID: 87fy87rfxo.fsf () windlord ! stanford ! edu
[Download RAW message or body]

Bill Tangren <bjt@aa.usno.navy.mil> writes:

> I'm trying to restrict access to my server by using hosts.deny and
> hosts.allow.  The problem I'm having is that if I put

> ALL:ALL

> in hosts.deny, then my users can no longer get access to news
> groups. Does anyone know the magic words to place into hosts.allow to
> unblock newsgroup access? I allow use of port 119 only on the server
> itself (for whomever is sitting at the console), via the innd service. I
> allow outside connections only on port 563, via an xinetd service (the
> two use different readers.conf files).

INN itself doesn't link with TCP wrappers, so it's not the one imposing
the restriction.  In your case, xinetd is probably what's doing this, and
probably only on port 563.  Adding something like:

    nnrpd: ALL

to hosts.allow will probably do it if my guesses are right.

-- 
Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>

    Please send questions to the list rather than mailing me directly.
     <http://www.eyrie.org/~eagle/faqs/questions.html> explains why.

[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic