From owner-freebsd-stable  Mon Jun 19  4:13:49 2000
Delivered-To: freebsd-stable@freebsd.org
Received: from mailhub.unibe.ch (mailhub.unibe.ch [130.92.254.109])
	by hub.freebsd.org (Postfix) with ESMTP id C666D37BCBA
	for <freebsd-stable@FreeBSD.ORG>; Mon, 19 Jun 2000 04:13:45 -0700 (PDT)
	(envelope-from roth@iamexwi.unibe.ch)
Received: from CONVERSION-DAEMON by mailhub.unibe.ch (PMDF V5.2-32 #42480)
 id <0FWE00701F1FGJ@mailhub.unibe.ch> for freebsd-stable@FreeBSD.ORG; Mon,
 19 Jun 2000 13:10:38 +0200 (MET DST)
Received: from iamexwi.unibe.ch (haegar.unibe.ch [130.92.71.10])
 by mailhub.unibe.ch (PMDF V5.2-32 #42480)
 with ESMTP id <0FWE001JVF1EP8@mailhub.unibe.ch>; Mon,
 19 Jun 2000 13:10:27 +0200 (MET DST)
Received: from degas.unibe.ch (degas [130.92.62.31])
 by iamexwi.unibe.ch (8.8.8+Sun/8.8.8) with ESMTP id NAA05684; Mon,
 19 Jun 2000 13:13:51 +0200 (MET DST)
Received: from localhost (roth@localhost)	by degas.unibe.ch (8.9.1b+Sun/8.9.1)
 with ESMTP id NAA17999; Mon, 19 Jun 2000 13:13:45 +0200 (MET DST)
Date: Mon, 19 Jun 2000 13:13:45 +0200 (MET DST)
From: Tobias Roth <roth@iamexwi.unibe.ch>
Subject: Re: hosts.allow: deny set but ping requests come through
In-reply-to: <0v66r6gcej.fsf@cs.uni-magdeburg.de>
X-Sender: roth@degas
To: Roland Jesse <jesse@prinz-atm.CS.Uni-Magdeburg.De>
Cc: freebsd-stable@FreeBSD.ORG
Message-id: <Pine.GSO.4.10.10006191311330.17954-100000@degas>
MIME-version: 1.0
Content-type: TEXT/PLAIN; charset=US-ASCII
Content-transfer-encoding: 7BIT
X-Authentication-warning: degas.unibe.ch: roth owned process doing -bs
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


> The first two lines of my /etc/hosts.allow are as follows:
> 
> ALL : PARANOID : RFC931 20 : deny
> ALL : general.URZ.Uni-Magdeburg.DE 141.44.2.1 : deny
> 
> The second one is there to prevent ping requests from the specified
> machine to mine without a need to set up a firewall.
> 
> Using "tcpdump -a -i tx0 host arthur.cs.uni-magdeburg.de | grep general" 
> I still get the following:
> 
> tcpdump: listening on tx0
> 12:53:38.083288 general.URZ.Uni-Magdeburg.DE > arthur.CS.Uni-Magdeburg.De: icmp: echo request
> 12:53:38.083316 arthur.CS.Uni-Magdeburg.De > general.URZ.Uni-Magdeburg.DE: icmp: echo reply

The 2nd line from hosts.allow says:

# hosts.allow access control file for "tcp wrapped" applications.

From that line you can get the following information:
Access control works only with tcp wrapped applications. Your tcp dump
says that you send out an ICMP reply. ICMP != tcp.

greets, Tobe




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message