AIX

AIX

Connect with fellow AIX users and experts to gain knowledge, share insights, and solve problems.

 View Only
Back to discussions
Expand all | Collapse all

/etc/hosts.allow format for IP address range

  • 1.  /etc/hosts.allow format for IP address range

    Posted Tue September 25, 2007 01:09 PM

    Originally posted by: hwyguy


    Hello,

    I'm trying to allow a network segment access to telnet on an AIX 5.3 host, and so far have had no luck. I see nothing but "refused connect from 10.1.1.1" messages in my syslog.

    I think its because my syntax is wrong. I'm trying to allow the entire 10.1.1.0 network and have tried adding 10.1.1.0/24, 10.1.1.0, 10.1.1, and even just 10 to no avail

    Right now it looks like this:

    telnetd: .myhost.com 10.1.1.0

    Does anyone know what the proper syntax is for the IBM supplied TCP wrapper? According to SupportLine, TCP wrappers are not supported by IBM :/

    Thanks!


  • 2.  Re: /etc/hosts.allow format for IP address range

    Posted Tue September 25, 2007 01:31 PM

    Originally posted by: orphy


    TCP Wrapper is not from IBM though you might find it on one of the CDs
    that they shipped you (I haven't checked). With that, they don't support
    it but it's been out there for over a decade and many people have used it
    successfully.

    Check out chapter 5 of

    http://www.redbooks.ibm.com/abstracts/SG245971.html?Open
    Orphy


  • 3.  Re: /etc/hosts.allow format for IP address range

    Posted Tue September 25, 2007 03:01 PM

    Originally posted by: hwyguy


    Thanks for the link to the redbook.

    The redbook had the network syntax for the tcpwrappers.

    For future reference, to allow a network segment by IP address you'd need to add the network/netmask

    So for 10.1.1.0/24 you'd add 10.1.1.0/255.255.255.0

    FYI, TCP Wrappers are included on the IBM AIX Expansion Pack CD's.

    Thanks again!