Re: tlug: wildcards in /etc/hosts.deny

[Frank Bennett <bennett@example.com>]

Jim Schweizer <schweiz_nospam@example.com> writes:

> Did you know there's nothing apropos for hosts.deny? No man page,
> nothing in Running Linux, Practical UNIX & Internet Security, UNIX
> System Administration Handbook or the Linux Network Administrator's
> Guide!
> 
> Anyway, are wildcards like * allowed? For example can I do:
> 
> ALL : *.goo.ne.jp
> ALL : *.melco.co.jp

The following clips of text are from the man page called up by
"man hosts.deny" under RedHat Sparc Linux 4.1.  I think it
tells you what you need to know.


HOSTS_ACCESS(5)                                   HOSTS_ACCESS(5)

NAME
       hosts_access - format of host access control files



MOSTLY OPEN
       Here, access is granted by default; only explicitly speci-
       fied hosts are refused service.

       The default policy (access granted) makes the  allow  file
       redundant  so that it can be omitted.  The explicitly non-
       authorized hosts are listed in the deny file. For example:

       /etc/hosts.deny:
          ALL: some.host.name, .some.domain
          ALL EXCEPT in.fingerd: other.host.name, .other.domain

       The first rule denies some hosts and domains all services;
       the second rule still permits finger requests  from  other
       hosts and domains.


Cheers,
-- 
-x80
Frank G Bennett, Jr         @@
Faculty of Law, Nagoya Univ () email: bennett@example.com
Tel: +81[(0)52]789-2239     () WWW:   http://rumple.soas.ac.uk/~bennett/
---------------------------------------------------------------
Next Nomikai: 20 November, 19:30 Tengu TokyoEkiMae 03-3275-3691
Next Meeting: 12 December, 12:30 Tokyo Station Yaesu central gate
---------------------------------------------------------------
Sponsor: PHT, makers of TurboLinux http://www.pht.co.jp