xinetd and hosts.allow

Jay Daniels drs at pointyhats.com
Sat Apr 17 15:35:50 UTC 2004


I cannot get xinetd and tcp wrappers hosts.allow and hosts.deny to work.

/etc/hosts.allow
#
# hosts.allow   This file describes the names of the hosts which are
#               allowed to use the local INET services, as decided
#               by the '/usr/sbin/tcpd' server.
#

 
ALL: LOCAL, 192.168.2.0/255.255.255.0, darkforce.darktech.org, my_static_ip_here

# allow ssh connection from dialup at myisp disabled until resolved.
#sshd: 209.164.234.0/255.255.255.0

/etc/hosts.deny
ALL: ALL


I have tried several combinations in hosts.allow and restarted xinetd,
but when I have the above lines uncommented I cannot send any mail via
smtp port 25 from localhost!

Any ideas?

This may all be redundant since the firewall is supposed to block
specified connections to these ports, but I was thinking tcp wrappers
would add to the security?

Also, I am still unclear how to edit /etc/hosts and my hosts file may
have something to do with it.

$ cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1               localhost.localdomain localhost
192.168.2.1             darkforce.darktech.org darkforce #me
192.168.2.12            darkstar.darktech.org darkstar #my laptop
64.246.60.114           cobra.python-hosting.com cobra #my hosting

Should I have my gateway ip address in place of the 192.164.2.1?  How
does tcp wrappers distinguish between eth0 and eth1?

Note that I can leave hosts.allow and hosts.deny blank and all is
well, I can send mail from localhost, etc.

Is this even necessary if my firewall is working properly by allowing
connections from my local net and blocking certain connections from my
inet interface?



jay
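
A simplified model of the hosts_access(5) search order and the LOCAL wildcard, run against the rules quoted in the message above. This is an added example, not part of the original post and not libwrap's own code. It assumes the daemon name is sendmail and that 127.0.0.1 resolves to localhost.localdomain, the first name on its /etc/hosts line.

```python
import ipaddress

# Rules as quoted in the message (my_static_ip_here is the poster's placeholder).
ALLOW = ["ALL: LOCAL, 192.168.2.0/255.255.255.0, darkforce.darktech.org, my_static_ip_here"]
DENY = ["ALL: ALL"]

def pattern_matches(pattern, name, addr):
    """Match one client pattern against the client's resolved name and address."""
    if pattern == "ALL":
        return True
    if pattern == "LOCAL":
        return "." not in name            # LOCAL: host names without a dot only
    if "/" in pattern:                    # n.n.n.n/m.m.m.m net/mask pair
        return ipaddress.ip_address(addr) in ipaddress.ip_network(pattern, strict=False)
    if pattern.startswith("."):           # domain suffix, e.g. .darktech.org
        return name.lower().endswith(pattern.lower())
    if pattern.endswith("."):             # address prefix, e.g. 192.168.2.
        return addr.startswith(pattern)
    return pattern.lower() in (name.lower(), addr)

def rule_matches(rule, daemon, name, addr):
    """Simplified: 'daemons : clients' only, no options, EXCEPT or IPv6."""
    daemons, clients = (f.replace(",", " ").split() for f in rule.split(":", 1))
    return (any(d in ("ALL", daemon) for d in daemons)
            and any(pattern_matches(p, name, addr) for p in clients))

def access_granted(allow, deny, daemon, name, addr):
    """Search hosts.allow first, then hosts.deny; no match in either grants access."""
    if any(rule_matches(r, daemon, name, addr) for r in allow):
        return True
    if any(rule_matches(r, daemon, name, addr) for r in deny):
        return False
    return True

if __name__ == "__main__":
    # Constructed clients; daemon name and resolved names are assumptions.
    for daemon, name, addr in [
        ("sendmail", "localhost.localdomain", "127.0.0.1"),
        ("sendmail", "localhost", "127.0.0.1"),
        ("sshd", "darkstar.darktech.org", "192.168.2.12"),
    ]:
        verdict = "granted" if access_granted(ALLOW, DENY, daemon, name, addr) else "denied"
        print(f"{daemon} from {name} [{addr}]: {verdict}")
```

On a host with TCP wrappers installed, tcpdmatch runs the same kind of check against the real hosts.allow and hosts.deny.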




