Manualshelf

Configuring and Managing MPE/iX Internet Services (MPE/iX 6.0)

ManualsBrandsHP ManualsSoftwareMPE/iX 6.5 Operating System
31323334353637383940
36 Chapter 2
Internet Daemon
inetd Security File
Separate the IP addresses and domain names by a white space. You
may enter any mix of addresses and names. For example, the
following entry denies Telnet access to host hp22.cup.hp.com,
any hosts on the network named “testlan,” and the host with IP
address 192.54.24.5:
telnet deny hp22.cup.hp.com testlan 192.54.24.5
To continue an entry on the next line, place a slash (/) at the end of the
line to be continued. The Internet daemon will ignore a slash that
appears in the middle of the line, continue reading to the end, and
ignore the next line. In this case, it will probably misinterpret the
entry and you will see an error message.
Using Wildcard Characters
You may use wildcard characters (*) in any of the fields of the address
to specify permissions for a group of hosts or networks. This makes it
more convenient to specify an entire network, since you will not need to
specify each host in that network. The following sample entry, for
example, allows all hosts with network addresses starting with a 10, as
well as the single host whose address is 192.54.24.5 to use Telnet:
telnet allow 10.* 192.54.24.5
You cannot use the wildcard character in combination with other
integers in one part of an address field. For example, this entry in the
inetd security file will generate an error message because the second
field includes a 5 followed by the * character:
tftp deny 10.5*
Either integers or the wildcard character is allowed in one part of an
address field.
Using Range Character
You may use the range indicator (-) in any of the fields of the address to
specify which hosts or networks in a group are exempted from the
permission assignment. This makes it more convenient to allow or deny
a service for a subnet within the network you specify. The following
sample entry, for example, denies hosts in subnets 3 through 5 of
network 10 access to Telnet. Note that the wildcard character * at the
end of the address lets you avoid specifying the individual hosts within
the subnet.
telnetd deny 10.3-5.*