hosts.allow (50472) | hosts.allow (53685) |
---|---|
1# 2# hosts.allow access control file for "tcp wrapped" apps. | 1# 2# hosts.allow access control file for "tcp wrapped" apps. |
3# $FreeBSD: head/etc/hosts.allow 50472 1999-08-27 23:37:10Z peter $ | 3# $FreeBSD: head/etc/hosts.allow 53685 1999-11-25 03:00:44Z obrien $ |
4# 5# NOTE: The hosts.deny file is not longer used. Instead, put both 'allow' 6# and 'deny' rules in the hosts.allow file. 7# see hosts_options(5) for the format of this file. 8# hosts_access(5) no longer fully applies. 9 | 4# 5# NOTE: The hosts.deny file is not longer used. Instead, put both 'allow' 6# and 'deny' rules in the hosts.allow file. 7# see hosts_options(5) for the format of this file. 8# hosts_access(5) no longer fully applies. 9 |
10# This is an example! You will need to modify it for your specific 11# requirements! | 10# _____ _ _ 11# | ____| __ __ __ _ _ __ ___ _ __ | | ___ | | 12# | _| \ \/ / / _` | | '_ ` _ \ | '_ \ | | / _ \ | | 13# | |___ > < | (_| | | | | | | | | |_) | | | | __/ |_| 14# |_____| /_/\_\ \__,_| |_| |_| |_| | .__/ |_| \___| (_) 15# |_| 16# !!! This is an example! You will need to modify it for your specific 17# !!! requirements! |
12 | 18 |
19 |
|
13# Start by allowing everything (this prevents the rest of the file 14# from working, so remove it when you need protection). 15# The rules here work on a "First match wins" basis. 16ALL : ALL : allow 17 18# Wrapping sshd(8) is not normally a good idea, but if you 19# need to do it, here's how 20#sshd : .evil.cracker.example.com : deny --- 13 unchanged lines hidden (view full) --- 34 35# Exim is an alternative to sendmail, available in the ports tree 36exim : localhost : allow 37exim : .nice.guy.example.com : allow 38exim : .evil.cracker.example.com : deny 39exim : ALL : allow 40 41# Portmapper is used for all RPC services; protect your NFS! | 20# Start by allowing everything (this prevents the rest of the file 21# from working, so remove it when you need protection). 22# The rules here work on a "First match wins" basis. 23ALL : ALL : allow 24 25# Wrapping sshd(8) is not normally a good idea, but if you 26# need to do it, here's how 27#sshd : .evil.cracker.example.com : deny --- 13 unchanged lines hidden (view full) --- 41 42# Exim is an alternative to sendmail, available in the ports tree 43exim : localhost : allow 44exim : .nice.guy.example.com : allow 45exim : .evil.cracker.example.com : deny 46exim : ALL : allow 47 48# Portmapper is used for all RPC services; protect your NFS! |
49# (IP addresses rather than hostnames *MUST* be used here) |
|
42portmap : localhost : allow 43portmap : .nice.guy.example.com : allow 44portmap : .evil.cracker.example.com : deny 45portmap : ALL : allow 46 47# Provide a small amount of protection for ftpd 48ftpd : localhost : allow 49ftpd : .nice.guy.example.com : allow --- 15 unchanged lines hidden --- | 50portmap : localhost : allow 51portmap : .nice.guy.example.com : allow 52portmap : .evil.cracker.example.com : deny 53portmap : ALL : allow 54 55# Provide a small amount of protection for ftpd 56ftpd : localhost : allow 57ftpd : .nice.guy.example.com : allow --- 15 unchanged lines hidden --- |