Warren Togami wrote:
Steve Dickson wrote:
>> Why do you not see that "deny on reverse DNS failure" is not mutually
>> exclusive with "enable TCP wrappers"? This is based upon a
>> MISINTERPRETATION of how tcp wrappers should behave. You are hard
>> coding policy into nfs-utils.
> Please tell how I check a 'mountd: <hostname>' entry in the
> /etc/hosts.deny with only an IP address without doing a reverse name
> lookup?
I am not saying "without doing a reverse name lookup". Just remove the
hardcoded part that makes it fatal.
which means the entry in /etc/hosts.deny will
be ignored possibly allowing
access to machine that should be denied.
steved.