TCPDMATCH(8) TCPDMATCH(8)
NAME
tcpdmatch - tcp wrapper oracle
SYNOPSIS
tcpdmatch [-d] [-i inet_conf] daemon client tcpdmatch [-d] [-i inet_conf] daemon[@server] [user@]client
DESCRIPTION
tcpdmatch predicts how the tcp wrapper would handle a spe- cific request for service. Examples are given below. The program examines the tcpd access control tables (default /etc/hosts.allow and /etc/hosts.deny) and prints its conclusion. For maximal accuracy, it extracts addi- tional information from your inetd or tlid network config- uration file. When tcpdmatch finds a match in the access control tables, it identifies the matched rule. In addition, it displays the optional shell commands or options in a pretty-printed format; this makes it easier for you to spot any discrep- ancies between what you want and what the program under- stands.
ARGUMENTS
The following two arguments are always required: daemon A daemon process name. Typically, the last compo- nent of a daemon executable pathname. client A host name or network address, or one of the `unknown' or `paranoid' wildcard patterns. When a client host name is specified, tcpdmatch gives a prediction for each address listed for that client. When a client address is specified, tcpdmatch pre- dicts what tcpd would do when client name lookup fails. Optional information specified with the daemon@server form: server A host name or network address, or one of the `unknown' or `paranoid' wildcard patterns. The default server name is `unknown'. Optional information specified with the user@client form: user A client user identifier. Typically, a login name or a numeric userid. The default user name is 1 TCPDMATCH(8) TCPDMATCH(8) `unknown'.
OPTIONS
-d Examine hosts.allow and hosts.deny files in the current directory instead of the default ones. -i inet_conf Specify this option when tcpdmatch is unable to find your inetd.conf or tlid.conf network configu- ration file, or when you suspect that the program uses the wrong one.
EXAMPLES
To predict how tcpd would handle a telnet request from the local system: tcpdmatch in.telnetd localhost The same request, pretending that hostname lookup failed: tcpdmatch in.telnetd 127.0.0.1 To predict what tcpd would do when the client name does not match the client address: tcpdmatch in.telnetd paranoid On some systems, daemon names have no `in.' prefix, or tcpdmatch may need some help to locate the inetd configu- ration file.
FILES
The default locations of the tcpd access control tables are: /etc/hosts.allow /etc/hosts.deny
SEE ALSO
tcpdchk(8), tcpd configuration checker hosts_access(5), format of the tcpd access control tables. hosts_options(5), format of the language extensions. inetd.conf(5), format of the inetd control file. tlid.conf(5), format of the tlid control file.
AUTHORS
Wietse Venema (wietse@wzv.win.tue.nl), Department of Mathematics and Computing Science, Eindhoven University of Technology Den Dolech 2, P.O. Box 513, 5600 MB Eindhoven, The Netherlands 2
Powered by man-cgi (2024-08-26). Maintained for NetBSD by Kimmo Suominen. Based on man-cgi by Panagiotis Christias.