Tcpwrapper does not work?
Dave McMurtrie
dave64 at andrew.cmu.edu
Fri Oct 8 07:40:43 EDT 2010
On 10/08/2010 07:24 AM, Paul van der Vlis wrote:
> Dave McMurtrie schreef:
>> On 10/08/2010 06:09 AM, Paul van der Vlis wrote:
>>> Hello,
>>>
>>> When I put in my /etc/hosts.deny this: imapd: 192.168.0.41
>>> And /etc/hosts.allow is empty.
>>>
>>> Then I still get my mail over IMAP from this IP with Cyrus.
>>>
>>> I use Cyrus 2.2.13 from Debian stable, so far I know this is compiled
>>> with tcpwrapper support.
>>>
>>> Does somebody understand this?
>>
>> Hi Paul,
>>
>> The service you specify for tcpwrappers in /etc/hosts.deny must be the
>> same as the service name you put in /etc/cyrus.conf. Most likely you
>> want to use "imap" as the service and not "imapd"
>
> I've tried it, and you are right (and so is Hajimu).
>
> Strange, in the manual of tcp-wrappers they say you need to use the
> processname...
It's difficult to document this correctly from the tcp-wrappers side
because libwrap doesn't determine the service name itself. Rather,
applications that link against libwrap have to tell libwrap the service
name they're using.
Wrapping a service with tcpd in inetd.conf was more intuitive because
the service name was specified on the same line in inetd.conf.
Thanks,
Dave
--
Dave McMurtrie, SPE
Email Systems Team Leader
Carnegie Mellon University,
Computing Services
More information about the Info-cyrus
mailing list