tcpdchk(1) tcpdchk(1)
NAME [Toc] [Back]
tcpdchk - check tcp wrapper configuration
SYNOPSYS [Toc] [Back]
/usr/bin/tcpdchk [-a] [-d] [-i inet_conf] [-v]
DESCRIPTION [Toc] [Back]
tcpdchk examines the tcp wrapper configuration and reports all
potential and real problems it can encounter. The command examines
the tcpd access control files (by default, these are /etc/hosts.allow
and /etc/hosts.deny), and compares the entries in these files against
entries in the inetd configuration file.
tcpdchk reports the following types of problems:
non-existent pathnames,
services that appear in tcpd access control rules but are not
controlled by tcpd,
services that should not be wrapped,
non-existent host names or non-internet address forms,
occurrences of host aliases instead of official host names,
hosts with a name/address conflict,
inappropriate use of wildcard patterns,
inappropriate use of NIS netgroups or references to non-existent
NIS netgroups,
references to non-existent options,
invalid arguments to options.
Wherever possible, tcpdchk provides a helpful suggestion to fix the
problem.
Options [Toc] [Back]
The following options are supported by tcpdchk. If no options are
specified, then it uses the default location of the files.
-a Report access control rules that permit access without an
explicit ALLOW keyword.
-d Examine the hosts.allow and hosts.deny files in the current
directory instead of the default ones.
Hewlett-Packard Company - 1 - HP-UX 11i Version 2: August 2003
tcpdchk(1) tcpdchk(1)
-i inet_conf
Specify this option when tcpdchk is unable to find your
inetd.conf configuration file, or when you suspect that tcpdchk
is using the wrong file. inet_conf is the path name of the
inetd.conf configuration file whose entries you want to examine.
-v Display the contents of each access control rule. Daemon lists,
client lists, shell commands and options are shown in a printable
format. The display helps you find any discrepancies between
what you want and what tcpdchk understands for the access control
rules.
AUTHOR [Toc] [Back]
Wietse Venema (wietse@wzv.win.tue.nl),
Department of Mathematics and Computing Science,
Eindhoven University of Technology
Den Dolech 2, P.O. Box 513,
5600 MB Eindhoven, The Netherlands
FILES [Toc] [Back]
The default locations of the tcpd access control tables are:
/etc/hosts.allow (daemon, client) pairs that are granted
access.
/etc/hosts.deny (daemon, client) pairs that are denied
access.
SEE ALSO [Toc] [Back]
tcpdmatch(1), explains what tcpd would do in specific cases.
inetd.conf(4), format of the inetd control file.
hosts_access(5), format of the tcpd access control tables.
hosts_options(5), format of the language extensions.
Hewlett-Packard Company - 2 - HP-UX 11i Version 2: August 2003 [ Back ] |