From owner-FreeBSD-users-jp@jp.FreeBSD.org Thu May 23 03:25:59 2002
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) id g4MIPxS12397;
	Thu, 23 May 2002 03:25:59 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from cttsv003.ctt.ne.jp (cttsv003.ctt.ne.jp [210.166.4.131])
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) with ESMTP/inet id g4MIPwv12392
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Thu, 23 May 2002 03:25:58 +0900 (JST)
	(envelope-from uchiyama@pp.iij4u.or.jp)
Received: from uchiyama.pp.iij4u.or.jp (u217.d026166210.ctt.ne.jp [210.166.26.217]) by cttsv003.ctt.ne.jp (8.9.3/3.7W99111611) id DAA18028 for <FreeBSD-users-jp@jp.FreeBSD.org>; Thu, 23 May 2002 03:25:53 +0900 (JST)
To: FreeBSD-users-jp@jp.FreeBSD.org
In-reply-to: <20020522213249T.harrier@seiryu.cim.hkg.ac.jp>
References: <20020522194952.F34B.UCHIYAMA@pp.iij4u.or.jp>
 <20020522213249T.harrier@seiryu.cim.hkg.ac.jp>
From: Koji Uchiyama <uchiyama@pp.iij4u.or.jp>
Message-Id: <20020523032313-9455N.uchiyama@pp.iij4u.or.jp>
Date: Thu, 23 May 2002 03:23:13 +0900
X-Dispatcher: imput version 20000228(IM140)
Mime-Version: 1.0
Content-Type: Text/plain; charset=iso-2022-jp (auto-converted from EUC)
Lines: 112
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+020417
X-Sequence: FreeBSD-users-jp 68603
Subject: [FreeBSD-users-jp 68603] Re: /etc/hosts.allow
Errors-To: owner-FreeBSD-users-jp@jp.FreeBSD.org
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: uchiyama@pp.iij4u.or.jp


On Wed, 22 May 2002 21:32:49 +0900,
in message <20020522213249T.harrier@seiryu.cim.hkg.ac.jp>,
Hiroyuki Une <harrier@seiryu.cim.hkg.ac.jp> wrote:

>> FreeBSD 4.4-RELEASE $B$G(B /etc/hosts.allow $B$O%*%j%8%J%k$N$^$^$@$H(B
>> 35 $B9TL\$N(B ALL : PARANOID : RFC931 20 : deny $B$K$?$I$j$D$/A0$K(B
>> 23 $B9TL\$N(B ALL : ALL : allow $B$K%^%C%A$7$F$*$7$^$$$G$O$J$$$G$7$g$&$+!)(B

>jman 5 hosts_access $B$7$F$_$?$i(B
>
>       PARANOID
>              $BL>A0$,%"%I%l%9$K%^%C%A$7$J$$$9$Y$F$N%[%9%H$K%^%C(B $B%A(B
>              $B$7(B $B$^$9!#(B tcpd $B$,(B -DPARANOID ($B%G%U%)%k%H%b!<%I$G$9(B)
>              $BIU$-$G9=C[$5$l$?>l9g!"%"%/%;%9@)8fI=$r8!:w(B $B$9(B $B$k(B $BA0(B
>              $B$K!"(B $B$3$N$h$&$J%/%i%$%"%s%H$+$i$NMW5a$rMn$H$7$^$9!#(B
>              $B$3$N$h$&$JMW5a$KBP$7$F99$K@)8f$r9T(B $B$$(B $B$?(B $B$$(B $B>l(B $B9g!"(B
>              -DPARANOID $B$J$7$G9=C[$7$F$/$@$5$$!#(B
>
>$B$H$"$j$^$7$?$N$G!"%3%a%s%H%"%&%H$5$l$F$$$h$&$,$$$^$$$,(B
>$B$3$N9T$G5qH]$5$l$?$N$HF1$8$h$&$J>uBV$K$J$j$^$9!#(B
>/usr/src/contrib/tcp_wrappers/Makefile $B$rFI$s$@$H$3$m!"(B
>-DPARANOID $B;XDj$7$F$"$C$?$N$G4V0c$$$J$$$G$7$g$&!#(B

$B$A$c$s$H%^%K%e%"%k$rFI$^$J$$$+$i%P%A$,Ev$C$?$+$H;W$$!"(B
$B$"$o$F$F<B83$7$F$_$^$7$?!#(B

$B$H$3$m$,!"(B

    $B%"%/%;%9@)8fI=$r8!:w$9$kA0$K!"(B 
    $B$3$N$h$&$J%/%i%$%"%s%H$+$i$NMW5a$rMn$H$7$^$9!#(B

$B$H$$$&$N$r$&$^$/H/@8$5$;$k$3$H$,$G$-$^$;$s!#(B

address->hostname->address $B$,%^%C%A$7$J$$@_Dj$K$7$?$j!"(B
hostname->address $B$,<:GT$9$k$h$&$J@_Dj$K$7$?$j!"(B
inetd, syslogd $B$N:F5/F0!"(Bnameserver $B>e$N(B named $B$N:F5/F0$d(B
$B:G8e$O(B reboot $B$b$7$F$_$^$7$?$,!"$I$&$b$&$^$/$$$-$^$;$s!#(B

$BD4$Y$F$_$?$N$G$9$,!"(B

    /usr/src/contrib/tcp_wrappers/Makefile $B$O(B -DPARANOID $B$"$j(B
    /usr/src/lib/libwrap/Makefile          $B$O(B -DPARANOID $B$J$7(B

$B$J$N$G!"$I$&$d$i(B

    FreeBSD $B$G$O<B:]$K$O(B -DPARANOID $B$N;XDj$J$7(B

$B$N$h$&$G$9!#<B:]!"(B

    cd /usr/src/contrib/tcp_wrappers && make REAL_DAEMON_DIR=/tmp/test netbsd
    $B$@$H(B -DPARANOID $B$"$j(B

    cd /usr/src/lib/libwrap && make
    $B$@$H(B -DPARANOID $B$J$7(B

$B$K$J$j$^$7$?!#(B



$B$3$3$^$G$OG<F@$7$?$N$G$9$,!"(B
-DPARANOID $B$rDI2C$7$F$b@\B3$G$-$F$7$^$$!"(B
$B2?$+8m2r$7$F$$$k$N$G$O$J$$$+$HG:$s$G$$$^$9!'(B

$B$5$i$KDI;n$H$$$&$3$H$G(B

    /usr/src/lib/libwrap/Makefile $B$K(B -DPARANOID $B$rDI2C$7$?>e$G(B
    cd /usr/src/lib/libwrap && make && make install
    shutdown -r now

$B$7$F(B

    $B%"%/%;%9@)8fI=$r8!:w$9$kA0$K!"(B 
    $B$3$N$h$&$J%/%i%$%"%s%H$+$i$NMW5a$rMn$H$7$^$9!#(B
    $B$rH/@8$5$;$h$&$H$7$?(B

$B$N$G$9$,!"$d$C$Q$j@\B3$G$-$F$7$^$$$^$9!#(B

$B@5$7$/M}2r$;$:$K;H$&$N$,$$$A$P$sI]$$$N$G!"(B
$B2?$+8m2r$7$F$$$k$N$G$O$J$$$+$HG:$s$G$$$k$N$G$9$,!"(B
$B$I$J$?$+!"(Btcp_wrappers $B$K>\$7$$J}!"2r@b$7$FD:$1$^$;$s$G$7$g$&$+!)(B

# tcp_wrappers $B$N%=!<%9$rFI$a$P2r$k$N$G$7$g$&$,(B...


>$B$H$O$$$(!";d$NA0$N%a!<%k$G$O!V$3$N9T$,860x!W$H=q$$$F$^$7$?$N$G!"(B
>$B$*OM$S$7$FD{@5$$$?$7$^$9(B(_o_)$B!#(B

$B$$$($$$(!"$b$7!"(B

    - $B4V0c$C$?$3$H$r8@$C$F$$$k(B
    - $B4V0c$C$?$3$H$r8@$C$F$$$k2DG=@-$,$"$k(B

$B>l9g$O;XE&$7$FD:$$$?$[$&$,$"$j$,$?$$$G$9!#(B



>$B!V@50z$-!W!&!V5U0z$-!W$O$H$b$+$/!"(B
>$B!VFs=E5U0z$-!W$C$F$J$s$G$9$+!)(B

google $BMM$K$*$&$+$,$$$r$?$F$k$H!"(B

    $B$D$^$j!"5U0z$-$r<B9T$7$?8e$K!"(B
    $B$=$N7k2L$K4p$E$$$F@50z$-$r<B9T$7$^$9(B

    double-reverse lookup

$B$J$I$H$N$?$^$&$_$?$$$G$9!#(B


--
Koji Uchiyama <uchiyama@pp.iij4u.or.jp>
