tcpdchk - tcp wrapper configuration checker
tcpdchk [-a] [-d] [-i inet_conf] [-v]
tcpdchk examines your tcp wrapper configuration and reports
all potential
and real problems it can find. The program examines the
tcpd(8) access
control files (by default, these are /etc/hosts.allow and
/etc/hosts.deny), and compares the entries in these files
against entries
in the inetd(8) network configuration file.
tcpdchk reports problems such as non-existent pathnames;
services that
appear in tcpd(8) access control rules, but are not controlled by
tcpd(8); services that should not be wrapped; non-existent
host names or
non-internet address forms; occurrences of host aliases instead of official
host names; hosts with a name/address conflict; inappropriate use of
wildcard patterns; inappropriate use of NIS netgroups or
references to
non-existent NIS netgroups; references to non-existent options; invalid
arguments to options; and so on.
Where possible, tcpdchk provides a helpful suggestion to fix
the problem.
The options are as follows:
-a Report access control rules that permit access without an explicit
ALLOW keyword.
-d Examine hosts.allow and hosts.deny files in the current directory
instead of the default ones.
-i inet_conf
Specify this option when tcpdchk is unable to find
your
inetd.conf network configuration file, or when you
wish to test
with a non-default one.
-v Display the contents of each access control rule.
Daemon lists,
client lists, shell commands and options are shown
in a prettyprinted
format; this makes it easier for you to spot
any discrepancies
between what you want and what the program
understands.
/etc/hosts.allow access control table (allow list)
/etc/hosts.deny access control table (deny list)
hosts_access(5), hosts_options(5), inetd.conf(5),
tcpdmatch(8)
Wietse Venema ([email protected]),
Department of Mathematics and Computing Science,
Eindhoven University of Technology
Den Dolech 2, P.O. Box 513,
5600 MB Eindhoven, The Netherlands
OpenBSD 3.6 June 23, 1997
[ Back ] |
