From owner-freebsd-current@FreeBSD.ORG Thu Feb 16 22:28:08 2006 Return-Path: X-Original-To: freebsd-current@freebsd.org Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B846616A420; Thu, 16 Feb 2006 22:28:08 +0000 (GMT) (envelope-from imp@bsdimp.com) Received: from harmony.bsdimp.com (vc4-2-0-87.dsl.netrack.net [199.45.160.85]) by mx1.FreeBSD.org (Postfix) with ESMTP id 56CA543D45; Thu, 16 Feb 2006 22:28:08 +0000 (GMT) (envelope-from imp@bsdimp.com) Received: from localhost (localhost.village.org [127.0.0.1] (may be forged)) by harmony.bsdimp.com (8.13.3/8.13.3) with ESMTP id k1GMPthj012302; Thu, 16 Feb 2006 15:25:55 -0700 (MST) (envelope-from imp@bsdimp.com) Date: Thu, 16 Feb 2006 15:25:55 -0700 (MST) Message-Id: <20060216.152555.71099274.imp@bsdimp.com> To: marck@rinet.ru From: Warner Losh In-Reply-To: <20060216135805.K91053@woozle.rinet.ru> References: <20060216135805.K91053@woozle.rinet.ru> X-Mailer: Mew version 3.3 on Emacs 21.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.0 (harmony.bsdimp.com [127.0.0.1]); Thu, 16 Feb 2006 15:25:55 -0700 (MST) Cc: freebsd-net@freebsd.org, freebsd-current@freebsd.org, ume@freebsd.org Subject: Re: hosts.allow default behaviour: IPv6 on its own lines X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Feb 2006 22:28:08 -0000 From: Dmitry Morozovsky Subject: hosts.allow default behaviour: IPv6 on its own lines Date: Thu, 16 Feb 2006 14:03:37 +0300 (MSK) > Dear colleagues, > > at least rpcbind brokes on parsing hosts.allow file when built with NO_INET6: > > Feb 16 13:55:41 ... rpcbind: error: /etc/hosts.allow, line 42: missing option name > Feb 16 13:55:41 ... rpcbind: connect from 127.0.0.1 to getport/addr(mountd): request from unauthorized host > > Maybe split default line to simplify commenting second one out? > > Index: hosts.allow > =================================================================== > RCS file: /home/ncvs/src/etc/hosts.allow,v > retrieving revision 1.19 > diff -u -r1.19 hosts.allow > --- hosts.allow 3 Aug 2004 08:58:34 -0000 1.19 > +++ hosts.allow 16 Feb 2006 10:58:00 -0000 > @@ -36,7 +36,9 @@ > > # Allow anything from localhost. Note that an IP address (not a host > # name) *MUST* be specified for rpcbind(8). > -ALL : localhost 127.0.0.1 [::1] : allow > +ALL : localhost 127.0.0.1 : allow > +# Comment out next line if you use kernel without IPv6. > +ALL : [::1] : allow > ALL : my.machine.example.com 192.0.2.35 : allow > > # To use IPv6 addresses you must enclose them in []'s The comment isn't quite right. If the kernel doesn't have IPv6, then it is fine. It is only if userland is compiled with NO_IPV6 that there's a problem.