HP-UX Reference (11i v2 04/09) - 1 User Commands N-Z (vol 2)

ManualsBrandsHP ManualsSoftwareHP-UX Reference Manuals

321

322

323

324

325

326

327

328

329

330

tcpdmatch(1) tcpdmatch(1)

NAME

tcpdmatch - evaluate tcp wrapper service requests

SYNOPSYS

/usr/bin/tcpdmatch

[-d][-i inet_conf ] daemon client

/usr/bin/tcpdmatch

[-d][-i inet_conf ] daemon[

@server][user@]client

DESCRIPTION

tcpdmatch predicts how the tcp wrapper would handle a speciﬁc request for service. Examples are

given below.

The program examines the

tcpd access control tables (default

/etc/hosts.allow

and

/etc/hosts.deny

) and prints its conclusion. For maximum accuracy, it extracts additional informa-

tion from the

inetd conﬁguration ﬁle.

When

tcpdmatch ﬁnds a match in the access control tables, it identiﬁes the matched rule. In addition,

it displays the optional shell commands or options in a printable format. The display helps you ﬁnd any

discrepancies between what you want and what

tcpdmatch understands for the access control rules.

Arguments

The daemon and client arguments are always required.

daemon A daemon process name. Typically, the last component of a daemon executable pathname.

client A host name or network address, or one of the ‘unknown’ or ‘paranoid’ wildcard patterns.

When a client host name is speciﬁed,

tcpdmatch gives a prediction for each address listed for

that client.

When a client address is speciﬁed,

tcpdmatch predicts what tcpd would do when the client

name lookup fails.

Optional information speciﬁed with the daemon

@server form:

server A host name or network address, or one of the ‘unknown’ or ‘paranoid’ wildcard patterns. The

default server name is ‘unknown’.

Optional information speciﬁed with the user

@client form:

user A client user identiﬁer. Typically, a login name or a numeric userid. The default user name is

‘unknown’.

Options

-d Examine hosts.allow and hosts.deny ﬁles in the current directory instead of the

default ones.

-i inet_conf

Specify this option when tcpdmatch is unable to ﬁnd your inetd.conf conﬁguration ﬁle,

or when you suspect that tcpdmatch is using the wrong ﬁle. inet_conf is the path name of

the inetd.conf conﬁguration ﬁle whose entries you want to examine.

EXAMPLES

To predict how

tcpd would handle a telnet request from the local system:

tcpdmatch telnetd localhost

The same request, pretending that hostname lookup failed:

tcpdmatch telnetd 127.0.0.1

To predict what tcpd would do when the client name does not match the client address:

tcpdmatch telnetd paranoid

AUTHOR

Wietse Venema (wietse@wzv.win.tue.nl),

Department of Mathematics and Computing Science,

Eindhoven University of Technology

Den Dolech 2, P.O. Box 513,

5600 MB Eindhoven, The Netherlands

HP-UX 11i Version 2: September 2004 − 1 − Hewlett-Packard Company Section 1−−915