[lug] hosts.deny syntax
dan radom
dradom at redback.com
Tue Jun 19 16:17:34 MDT 2001
The syntax you're looking for is ALL : 192.168.0.0/255.255.255.0 or ALL : 10.0.0.0/255.255.0.0
taken from man hosts.deny...
An expression of the form `n.n.n.n/m.m.m.m´ is interpreted as a
`net/mask´ pair. A host address is matched if `net´ is equal to the
bitwise AND of the address and the `mask´. For example, the net/mask
pattern `131.155.72.0/255.255.254.0´ matches every address in the range
`131.155.72.0´ through `131.155.73.255´.
...
dan
* D. Stimits (stimits at idcomm.com) wrote:
> I'm trying to clean up some /etc/hosts.deny items for a relatively new
> RH 7.1 install. There are a few trouble domains I want completely
> blocked (ipchains already does this, but I want xinetd to also ignore
> them through its tcpwrappers mechanism). Basically, I want something
> like this for a /16 domain:
> ALL: 123.456.
>
> Or this for a /24:
> ALL: 123.456.789.
>
> But this is not doing what I want, and for example, web browsers can
> still get out and receive a reply from those domains. So is it mandatory
> to add a service or daemon name as well? E.G., must I do something like:
> in.httpd: ALL: 123.456.
>
> ?
>
> D. Stimits, stimits at idcomm.com
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
More information about the LUG
mailing list