mount to NFS server 'julie' failed: No route to host
Rick Stevens
rstevens at corp.alldigital.com
Thu Apr 12 21:44:32 UTC 2012
On 04/12/2012 02:32 PM, don fisher wrote:
<snip>
> In the old days, there were files /etc/hosts.allow and /etc/hosts.deny.
> As I recall, they had something to do with tcpd. Do they serve any
> purpose with ipchains?
No, /etc/hosts.[allow|deny] are part of the tcpwrapper system and thus
are in userspace (at the application level). Applications must be
compiled and linked with tcpwrappers for it to work. In other words,
it's "voluntary".
iptables is a kernel-level firewall. Packets have to get through
iptables before they're even "passed up the food chain" to be seen by
the tcpwrapper stuff. If iptables is active, then all network I/O goes
through iptables regardless of what an individual application wants. If
iptables denies a packet, then the upper level stuff won't even see the
packet in the first place.
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer, AllDigital ricks at alldigital.com -
- AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
- -
- "People tell me I look at the dark side. That's not true. I have -
- the heart of a small boy......in a jar right here on my desk." -
- -- Stephen King -
----------------------------------------------------------------------
More information about the users
mailing list