From owner-freebsd-questions@FreeBSD.ORG  Sun Mar 19 02:11:59 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2111316A471
	for <freebsd-questions@freebsd.org>;
	Sun, 19 Mar 2006 02:11:59 +0000 (UTC)
	(envelope-from chris@chrismaness.com)
Received: from ylpvm43.prodigy.net (ylpvm43-ext.prodigy.net [207.115.57.74])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 965E843D46
	for <freebsd-questions@freebsd.org>;
	Sun, 19 Mar 2006 02:11:58 +0000 (GMT)
	(envelope-from chris@chrismaness.com)
Received: from pimout7-ext.prodigy.net (pimout7-int.prodigy.net
	[207.115.4.147])
	by ylpvm43.prodigy.net (8.12.10 outbound/8.12.10) with ESMTP id
	k2J2C1Bd030459
	for <freebsd-questions@freebsd.org>; Sat, 18 Mar 2006 21:12:01 -0500
X-ORBL: [69.108.92.143]
Received: from [127.0.0.1] (adsl-69-108-92-143.dsl.irvnca.pacbell.net
	[69.108.92.143])
	by pimout7-ext.prodigy.net (8.13.4 outbound domainkey aix/8.13.4) with
	ESMTP id k2J2Bps3028554; Sat, 18 Mar 2006 21:11:57 -0500
Message-ID: <441CBDEA.7060402@chrismaness.com>
Date: Sat, 18 Mar 2006 18:11:54 -0800
From: Chris Maness <chris@chrismaness.com>
User-Agent: Thunderbird 1.5 (Windows/20051201)
MIME-Version: 1.0
To: Kris Kennaway <kris@obsecurity.org>
References: <441CA1F9.20301@chrismaness.com>
	<20060319004947.GA65074@xor.obsecurity.org>
	<441CB2D8.3090707@chrismaness.com>
	<20060319013253.GA65688@xor.obsecurity.org>
	<441CB86D.9080806@chrismaness.com>
	<20060319015553.GA66039@xor.obsecurity.org>
	<441CBB7B.3010900@chrismaness.com>
	<20060319020525.GA66294@xor.obsecurity.org>
In-Reply-To: <20060319020525.GA66294@xor.obsecurity.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: wsantee@gmail.com, freebsd-questions@freebsd.org
Subject: Re: hosts.allow ?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 19 Mar 2006 02:11:59 -0000

Kris Kennaway wrote:
> On Sat, Mar 18, 2006 at 06:01:31PM -0800, Chris Maness wrote:
>   
>> Kris Kennaway wrote:
>>     
>>> On Sat, Mar 18, 2006 at 05:48:29PM -0800, Chris Maness wrote:
>>>
>>>  
>>>       
>>>>> Sounds like something else is wrong with your hosts.allow then.
>>>>>      
>>>>>           
>>>  
>>>       
>>>> # Start by allowing everything (this prevents the rest of the file
>>>> # from working, so remove it when you need protection).
>>>> # The rules here work on a "First match wins" basis.
>>>> ALL : ALL : allow
>>>>    
>>>>         
>>> Kris
>>>  
>>>       
>> Sorry guys, that was the stupidist mistake...
>>     
>
> No worries, we've all been there :-D
>
> Kris
>
>   
How would I allow all sshd except those denied from the bottom of the 
file (since it is first match wins)?  The denyhost app adds entries at 
the bottom of the file.