tcpdchk.1 (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

tcpdchk(1) tcpdchk(1)

NAME

tcpdchk - check tcp wrapper conﬁguration

SYNOPSYS

/usr/bin/tcpdchk

[-a][-d][-i inet_conf ][

-v]

DESCRIPTION

tcpdchk examines the tcp wrapper conﬁguration and reports all potential and real problems it can

encounter. The command examines the tcpd access control ﬁles (by default, these are

/etc/hosts.allow

and /etc/hosts.deny

), and compares the entries in these ﬁles against entries

in the

inetd conﬁguration ﬁle.

tcpdchk reports the following types of problems:

non-existent pathnames,

services that appear in

tcpd access control rules but are not controlled by

tcpd,

services that should not be wrapped,

non-existent host names or non-internet address forms,

occurrences of host aliases instead of ofﬁcial host names,

hosts with a name/address conﬂict,

inappropriate use of wildcard patterns,

inappropriate use of NIS netgroups or references to non-existent NIS netgroups,

references to non-existent options,

invalid arguments to options.

Wherever possible,

tcpdchk provides a helpful suggestion to ﬁx the problem.

Options

The following options are supported by

tcpdchk. If no options are speciﬁed, then it uses the default

location of the ﬁles.

-a Report access control rules that permit access without an explicit ALLOW keyword.

-d Examine the hosts.allow and hosts.deny ﬁles in the current directory instead of the default

ones.

-i inet_conf

Specify this option when tcpdchk is unable to ﬁnd your inetd.conf conﬁguration ﬁle, or when

you suspect that tcpdchk is using the wrong ﬁle. inet_conf is the path name of the

inetd.conf

conﬁguration ﬁle whose entries you want to examine.

-v Display the contents of each access control rule. Daemon lists, client lists, shell commands and

options are shown in a printable format. The display helps you ﬁnd any discrepancies between

what you want and what tcpdchk understands for the access control rules.

AUTHOR

Wietse Venema (wietse@wzv.win.tue.nl),

Department of Mathematics and Computing Science,

Eindhoven University of Technology

Den Dolech 2, P.O. Box 513,

5600 MB Eindhoven, The Netherlands

FILES

The default locations of the

tcpd access control tables are:

/etc/hosts.allow (daemon, client) pairs that are granted access.

/etc/hosts.deny (daemon, client) pairs that are denied access.

Summary of content (2 pages)

PAGE 1
tcpdchk(1) tcpdchk(1) NAME tcpdchk - check tcp wrapper configuration SYNOPSYS /usr/bin/tcpdchk [-a] [-d] [-i inet_conf ] [-v] DESCRIPTION tcpdchk examines the tcp wrapper configuration and reports all potential and real problems it can encounter. The command examines the tcpd access control files (by default, these are /etc/hosts.allow and /etc/hosts.deny), and compares the entries in these files against entries in the inetd configuration file.
PAGE 2
tcpdchk(1) tcpdchk(1) inetd.conf (4), format of the inetd control file. hosts_access (5), format of the tcpd access control tables. hosts_options(5), format of the language extensions.