tcpdmatch(1Mtcp)
tcpdmatch --
predict how tcp wrappers will behave
Synopsis
tcpdmatch [-d]
[-i inet_conf] daemon[@server]
[user@client]
Description
tcpdmatch predicts how the tcp wrapper would handle a specific
request for service.
The program examines the tcpd access control tables (default
/etc/inet/hosts.allow and /etc/inet/hosts.deny)
and prints its conclusion.
For maximum accuracy, it extracts additional information
from your inetd network configuration file.
When tcpdmatch finds a match in the access control tables, it
identifies the matched rule. In addition, it displays the optional
shell commands or options in a pretty-printed format. This makes it
easier for you to spot any discrepancies between what you want and what
the program understands.
Arguments
The following two arguments are always required:
daemon[@server]-
A daemon process name.
Typically, the last component of a daemon
executable pathname.
The optionally specified server
may be a host name or network address, or one of the unknown
or paranoid wildcard patterns.
The default server name is `unknown'.
[user@]client-
A host name or network address, or one of the unknown
or paranoid wildcard patterns.
The optionally specified user is
a client user identifier, typically, a login name or a numeric userid.
The default user name is unknown.
When a client host name is specified, tcpdmatch gives a
prediction for each address listed for that client.
When a client address is specified, tcpdmatch predicts what
tcpd would do when client name lookup fails.
Options
tcpdmatch understands the following options:
-d-
Examine hosts.allow and hosts.deny files in the current
directory instead of the default ones.
-i inet_conf-
Specify this option when tcpdmatch is unable to find your
inetd network configuration file, or when
you suspect that the program uses the wrong one.
Files
/etc/inet/hosts.allow
/etc/inet/hosts.deny
References
hosts_access(4tcp),
inetd.conf(4tcp),
tcpdchk(1Mtcp)
Notices
Author
Wietse Venema (wietse@wzv.win.tue.nl),
Department of Mathematics and Computing Science,
Eindhoven University of Technology
Den Dolech 2, P.O. Box 513,
5600 MB Eindhoven, The Netherlands
Examples
To predict how tcpd would handle a telnet request from the local
system:
tcpdmatch in.telnetd localhost
The same request, pretending that hostname lookup failed:
tcpdmatch in.telnetd 127.0.0.1
To predict what tcpd would do when the client name does not match the
client address:
tcpdmatch in.telnetd paranoid
© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 25 April 2004