Date: Mon, 19 Jun 2000 13:13:45 +0200 (MET DST) From: Tobias Roth <roth@iamexwi.unibe.ch> To: Roland Jesse <jesse@prinz-atm.CS.Uni-Magdeburg.De> Cc: freebsd-stable@FreeBSD.ORG Subject: Re: hosts.allow: deny set but ping requests come through Message-ID: <Pine.GSO.4.10.10006191311330.17954-100000@degas> In-Reply-To: <0v66r6gcej.fsf@cs.uni-magdeburg.de>
next in thread | previous in thread | raw e-mail | index | archive | help
> The first two lines of my /etc/hosts.allow are as follows: > > ALL : PARANOID : RFC931 20 : deny > ALL : general.URZ.Uni-Magdeburg.DE 141.44.2.1 : deny > > The second one is there to prevent ping requests from the specified > machine to mine without a need to set up a firewall. > > Using "tcpdump -a -i tx0 host arthur.cs.uni-magdeburg.de | grep general" > I still get the following: > > tcpdump: listening on tx0 > 12:53:38.083288 general.URZ.Uni-Magdeburg.DE > arthur.CS.Uni-Magdeburg.De: icmp: echo request > 12:53:38.083316 arthur.CS.Uni-Magdeburg.De > general.URZ.Uni-Magdeburg.DE: icmp: echo reply The 2nd line from hosts.allow says: # hosts.allow access control file for "tcp wrapped" applications. From that line you can get the following information: Access control works only with tcp wrapped applications. Your tcp dump says that you send out an ICMP reply. ICMP != tcp. greets, Tobe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.10.10006191311330.17954-100000>