From owner-freebsd-stable Mon Jun 19 4: 5:19 2000 Delivered-To: freebsd-stable@freebsd.org Received: from csmd2.cs.uni-magdeburg.de (csmd2.CS.Uni-Magdeburg.De [141.44.22.2]) by hub.freebsd.org (Postfix) with ESMTP id 9487637B825 for ; Mon, 19 Jun 2000 04:05:14 -0700 (PDT) (envelope-from jesse@mail.CS.Uni-Magdeburg.De) Received: from knecht.cs.uni-magdeburg.de (jesse@knecht [141.44.21.3]) by csmd2.cs.uni-magdeburg.de (8.9.3/8.9.3) with ESMTP id NAA15192 for ; Mon, 19 Jun 2000 13:05:06 +0200 (MET DST) Received: (from jesse@localhost) by knecht.cs.uni-magdeburg.de (8.8.8+Sun/8.8.8) id NAA03005; Mon, 19 Jun 2000 13:04:21 +0200 (MET DST) X-Authentication-Warning: knecht.cs.uni-magdeburg.de: jesse set sender to jesse@cs.uni-magdeburg.de using -f To: freebsd-stable@freebsd.org Subject: hosts.allow: deny set but ping requests come through From: Roland Jesse Date: 19 Jun 2000 13:04:20 +0200 Message-ID: <0v66r6gcej.fsf@cs.uni-magdeburg.de> Lines: 23 User-Agent: Gnus/5.0803 (Gnus v5.8.3) Emacs/20.4 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG The first two lines of my /etc/hosts.allow are as follows: ALL : PARANOID : RFC931 20 : deny ALL : general.URZ.Uni-Magdeburg.DE 141.44.2.1 : deny The second one is there to prevent ping requests from the specified machine to mine without a need to set up a firewall. Using "tcpdump -a -i tx0 host arthur.cs.uni-magdeburg.de | grep general" I still get the following: tcpdump: listening on tx0 12:53:38.083288 general.URZ.Uni-Magdeburg.DE > arthur.CS.Uni-Magdeburg.De: icmp: echo request 12:53:38.083316 arthur.CS.Uni-Magdeburg.De > general.URZ.Uni-Magdeburg.DE: icmp: echo reply As I understand it that should not happen as the above deny rule doesn't allow *any* access from this general machine. My machine is -stable as of early June: % uname -a FreeBSD arthur.cs.uni-magdeburg.de 4.0-STABLE FreeBSD 4.0-STABLE #12: Sat Jun 10 18:10:53 CEST 2000 root@arthur.cs.uni-magdeburg.de:/usr/src/sys/compile/ARTHUR i386 Roland To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message