Alexander Motin
ea9ed3d85b
Disable libwrap (TCP wrappers) support in rpcbind by default, introducing
...
new command line options -W, to enable it when needed.
On my tests this change by almost ten times improves rpcbind performance.
No objections: many, net@
2014-03-06 17:33:27 +00:00
Ruslan Ermilov
98374c9c79
Comment out lines that use example addresses and example.com names so
...
that local changes can be made more easily (without having to comment
these lines, and making the diff more readable).
2006-08-29 09:20:48 +00:00
Christian S.J. Peron
0f7163d304
Since NIS is an RPC based service, add a note that when adjusting access
...
controls in NIS, similar access controls should be considered for the
rpcbind as well.
2006-06-01 14:14:58 +00:00
Ruslan Ermilov
e1fe3dba5c
Reimplementation of world/kernel build options. For details, see:
...
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html
The src.conf(5) manpage is to follow in a few days.
Brought to you by: imp, jhb, kris, phk, ru (all bugs are mine)
2006-03-17 18:54:44 +00:00
Hajimu UMEMOTO
9512e32664
The libwrap built with NO_INET6=yes cannot parse an IPv6 address.
...
So, mention it in comment.
Submitted by: Dmitry Morozovsky <marck__at__rinet.ru>
MFC after: 2 days
2006-02-16 14:46:03 +00:00
Hajimu UMEMOTO
bd872c1ccb
Use RFC 3849 address for examples.
...
Pointed out by: mistral@imasy.or.jp
MFC after: 1 week
2004-08-03 08:58:34 +00:00
Hajimu UMEMOTO
f6c223ace3
allow ::1 explicitly.
...
Pointed out by: mistral@imasy.or.jp
MFC after: 1 week
2004-08-03 08:47:35 +00:00
Jens Schweikhardt
d8beb0fd3b
Removed whitespace at BOF, EOL & EOF.
2004-06-06 11:46:29 +00:00
Mark Murray
adb79039fd
Enable TCP_WRAPPERs for the NIS server. The protection afforded is
...
not massive, but usable.
2002-02-06 20:39:36 +00:00
David Malone
1139160ec0
Clear up what the line "ALL : PARANOID : RFC931 20 : deny" means
...
to tcp wrappers. The description is a little long, but hopefully
accurate.
2001-08-18 14:22:52 +00:00
Brian Somers
7f17ea13a3
Fix a misleading comment
...
Submitted by: Mark Knight <markk@knigma.org>
2001-05-02 09:29:20 +00:00
Alexander Langer
4e64bc892d
"Portmapper" -> "Rpcbind" in a comment.
2001-04-26 13:43:02 +00:00
Alfred Perlstein
527464e999
s/portmap/rpcbind
...
Pointed out by: Hajimu UMEMOTO <ume@mahoroba.org>
2001-03-20 21:02:39 +00:00
Hajimu UMEMOTO
be8302343e
Add some examples for IPv6 addresses.
...
PR: conf/18614
Submitted by: James Housley <jim@thehousleys.net>
2000-07-19 13:05:58 +00:00
Sheldon Hearn
8172e29086
Add IP addresses to the rules required to "Allow anything from
...
localhost", since portmap(8) is included in "anything".
Submitted by: Doug Barton <Doug@gorean.org>
2000-05-05 08:31:59 +00:00
Chris Timmons
99d2860f1b
Clarify the disposition of hosts.deny and provide a logically
...
consistent portmap example rule.
Reviewed by: obrien, markm
Obtained-good-ideas from: obrien
2000-03-28 17:28:56 +00:00
Jordan K. Hubbard
b1be9320f3
The default rule in this file actually sent mail to root as its default
...
action when denying access to a service. Unfortunately, this also makes
a dandy denial-of-service attack possible. Change to just log the event
and shoot a "go away" response back down the socket.
2000-02-17 04:52:23 +00:00
David E. O'Brien
e54b3aebe0
Fix English. Also use full spelling and reorg a little while I'm here.
...
Submitted by: Andy Farkas <andyf@speednet.com.au>
2000-01-25 11:25:59 +00:00
David E. O'Brien
dfe43144ff
MFS: note that only IP addresses work when wrapping the portmapper.
...
Make clearer we consider this only an example, and admins should really
write this file for their needs.
1999-11-25 03:00:44 +00:00
Peter Wemm
9b7a44a60e
$Id$ -> $FreeBSD$
1999-08-27 23:37:10 +00:00
Sheldon Hearn
87178415f4
Add a sample entry for Exim, in preparation for the upcoming behaviour
...
change in the port, where TCP Wrapper support will become the default.
Requested by: markm
1999-08-03 14:52:46 +00:00
David E. O'Brien
1924a94a7c
Use /usr/bin/finger rather than `safe_finger'.
1999-05-08 02:19:25 +00:00
Mark Murray
6a5f5da709
Use more politically correct examples, and expand the examples a bit.
1999-04-08 19:08:53 +00:00
Mark Murray
f8b0e8c9ff
Add an example hosts.allow for the (base system) tcp_wrappers.
...
Anyone with good ideas for this is welcome to contribute.
1999-03-28 10:47:26 +00:00