ssh problems... sorted!

Andrew Andrew
Sat Sep 21 17:20:04 BST 2002


Paul,
Thanks for the pointer...I founds that the allow file is read first, so I
looked at my ruleset again, and the problem was in the hostname section:
ALL : 192.168.1.0/255.255.0.0 : allow

The problem was due to the central section - the subnet mask is not needed,
and consequently the line is skipped. My connection was going straight past
my allow lines to my deny line.

Oh, and by the way, the mixing of deny and allow rules is encouraged now -
in the comments to /etc/hosts.allow it says that hosts_access(5) is now out
of date(!) and both sets of rules go in the same file.

It's a case of the tutorial I used being a bit out of date/incorrect. I will
contact the author and let him know...

The tutorial is here:

http://www.schlacter.net:8500/public/FreeBSD-STABLE_and_IPFILTER.html


Thanks again,

Andrew.

-----BEGIN PGP MESSAGE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

qANQR1DBwU4DJI95F6fcofIQCADJ6guM3oTFY/j/w0CyA9wRP1Hr24SifOYR3Neu
xuzqLs2D7IxlzvjU8hOWH7v3ir8MWSqQN71zthk6wNimQoicpAPgxJQpvQJOdHSH
7ngKFCbBO60A5FYknhui4syi87xmg3Pqw9ZKL0iCbd9pCdLwdeUSo9cf2mlc+ysf
tyMuSSfZn1fN4LMIicjyxWvw8w9uquvPrY854aPB68F09z3W5F8WrpcKARYPOFeX
ashL5UzP6pygRAcRt8TOVn86fIvoLFMgSGONDoK0Rzbv/Uc98jfZCer7fqvnaCrt
Dgp7RkppjF85Q01qdH7mfukqYPv8EnUHC00EH/7VvmWRKrz0B/92CYTMyIOd5JA0
odNtEIONBREYybttDLUaRB3qwrEDPgDtuUmX7YUwyEnc5TAMJocLUKAUkFayK6Yv
ZE2NqoG6Bt3mAWw5x0JULll79FG2V1UMpt9Ryh9x6aq0AHIlA8fAYrLTmSLd21cs
o1cdLnpg/H5xtnbV+aIV5uFSXZFYlxYq1yV2r1qFzH4loqFVdJv/cF2ZrnGAbDLz
kQ1Tjt0PaJEVg/GlOM4h3lZWT27DBCKSm/4VBp4+wjbbeqy4K3+w6RkUOwtEXcKc
WCoLqKJ8EFZbBd90kORl4e0/zpJ7S+AZhmgbyjsJv5zpijK92PbvZaGLu2S6cnxX
SNz9RenqycMf1uwiCI+gb3nt6vYs9N3qJL6vy7MeErf6U8Qlh4eDtOcrfXW1txY4
ktJF55y0dwcC9ropXvk6FX908P0kWlJ5MwC872miAnNWCOF4vEk9pLWH2tE4Y9Q/
zsoPO4X+Kk3XLSzSzr3KTOVCXbVsGPWYPVFk6GYOGfD8RkgmcIiCJJvkdDW/hLak
uz3dEVU1Ea+XjuIwYJiDhKAC5vkijcTOZ59GfWU94jw3cXD8RDQzLhhaEvXViskU
Hz8k6ES9d93m12vyZyqW7tZRkyx2f0ErT8teywe88O6BUhf7OJ7SCuaF4qGCMPN8
keab3ewLINYQc6jjNCZMq9yHktPMr0lsFWAZg4cjZ76pe9dC5z8Ip589o0TR6FId
ZQhXB7h4Ccz6kkR2bt0IvAuMgq5k4UFUQ+tj5QVzJ0ReZcGK2h8IWu83yYuj1ndJ
z2NPvXB1TLKwoFxxhuE3+kEpoxTJ9XM0fnSPRtkYLQsiW72WdUhp2CRyruupqFaW
dyojsDCNDkhSVLbMZAjQsOPFxyahJFcgbff1e2EjINZrTsC+uSjNKoD111htVbL9
mrd9rS5dmIBr5oU62a/S21xnfelTcN8HQ7x7zFcx+v/iR09y0ybT8apNLDSHFFYb
SaV+AzkD7iz6tJ//LWlU0DuWgyddFxACOLdOZ9/OCW9eSnvARfBqT1pQALWxk9CX
VGLmzMwEZWH76u5PnrfABy3AMYZa9ciCTmvGJYy407rsLRbjiSEB04ORKHV/pRaJ
iPGLc9sQSL4dhL5Jw1auj8h/iDU3/c/XF9kHeu9ucieJhQhoOazF92eAtDtbeUAx
XZNW0cXCekRQhd1wMdp1jgOxW1nV+hydzk+8CPS40FaQoYcdxI38mZNvKtrfVtTR
PA0OwJXn0jK7eV8nWVDVffJCY7CB/Myg8hqJ8AKJ7EsnIYIMJYtM365WsG9bk5Wx
BXGrzkp96A1FItoPATY3OBEJmGATTvI24BKI0cDhGlp3SpQzZB+KUF83uylwIAIZ
rW3dp68/rSILTopVO+mO1wf3cO2VncvnGfxzWMMA5/6JTkXrv1O0ysFhgwd422Qu
6PTG/nwlEGc0br2QP/WUWo9eYeksH5TW+diPz4twMw7xJboj6drzM4pyAdalopL1
aKklPcwPZRMODY9MM2bsCUr0CxWA8bBwU7ZJWmrMg5mJmAkN8rdKOAJynpCd8phx
K5TOKz3rS2b+DVApa6qzIw/rVdwOHnHPNK2ywavSqDI/GlSk6z0vzCgciwNWsKc/
4BRazfyg1PCLgxSAl5pFsS6mayomhDPPapscP2WMroCnPDfbHASZ/w==
=l2xV
-----END PGP MESSAGE-----





More information about the Ukfreebsd mailing list