From owner-FreeBSD-tech-jp@jp.freebsd.org  Mon Jul  5 14:14:50 1999
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id OAA60909;
	Mon, 5 Jul 1999 14:14:50 +0900 (JST)
	(envelope-from owner-FreeBSD-tech-jp@jp.FreeBSD.org)
Received: from inetfw.sonycsl.co.jp (inetfw.sonycsl.co.jp [203.137.129.4])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id OAA60891;
	Mon, 5 Jul 1999 14:14:47 +0900 (JST)
	(envelope-from keisuke@csl.sony.co.jp)
Received: from pochi.csl.sony.co.jp (pochi.csl.sony.co.jp [43.27.98.161])
	by inetfw.sonycsl.co.jp (8.9.3+3.2W/3.7Ws3/99060216/smtpfeed 1.01) with ESMTP id OAA01976;
	Mon, 5 Jul 1999 14:14:46 +0900 (JST)
Received: from localhost (localhost [127.0.0.1])
	by pochi.csl.sony.co.jp (8.9.3/3.7W) with ESMTP id OAA10901;
	Mon, 5 Jul 1999 14:14:54 +0900 (JST)
To: FreeBSD-users-jp@jp.freebsd.org
Cc: FreeBSD-tech-jp@jp.freebsd.org
In-Reply-To: Your message of "Thu, 01 Jul 1999 22:25:07 +0900"
	<19990701222507O.keisuke@csl.sony.co.jp>
References: <19990701222507O.keisuke@csl.sony.co.jp>
X-Mailer: Mew version 1.93 on Emacs 20.3 / Mule 4.0 (HANANOEN)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Message-Id: <19990705141453N.keisuke@csl.sony.co.jp>
Date: Mon, 05 Jul 1999 14:14:53 +0900
From: Keisuke Inoue <keisuke@csl.sony.co.jp>
X-Dispatcher: imput version 981019(IM102)
Lines: 45
Reply-To: FreeBSD-tech-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+990625
X-Sequence: FreeBSD-tech-jp 2379
Subject: [FreeBSD-tech-jp 2379] libwrap (Re: tcp_wrapper and nfs)
Errors-To: owner-FreeBSD-tech-jp@jp.freebsd.org
Sender: owner-FreeBSD-tech-jp@jp.freebsd.org
X-Originator: keisuke@csl.sony.co.jp

$B0f>e$G$9!%(B


[FreeBSD-users-jp 43763] tcp_wrapper and nfs
$B$G$9$,!$A4A3H?1~$,$J$$$N$G(Btech-jp$B$K$b$U$C$F$b$&0lEY=P$7$^$9!%(B


3.2-RELEASE$B$GI8=`$G$D$$$F$/$k(Btcp_wrapper(libwrap)$B$O(B
/etc/hosts.allow$B$K(B

ALL : hostname : allow
      ^^^^^^^^
$B$H(Bhostname$B$rMQ$$$?5,B'$r=q$$$F$b(Bportmap$B$K8z2L$,$"$j$^$;$s!%(B
$B$=$N$?$a!$B>$+$i(Bnfs mount$B$G$-$J$/$J$j$^$9!%(Binetd$B0J30$G$O(B
libwrap$B<~JU$GL>A0$,$-$A$s$H2r7h=PMh$F$$$J$$5$$,$7$^$9!%(B


$BA0Ds>r7o$G$9$,!$4X78$9$k(Bhostname$B$OA4$F(BDNS$B$G=g0z!$5U0z$G$-$F!$(B
tcp_wrapper$B$N@_Dj$r$9$k%[%9%H$O(Bfile system$B$r(Bexport$B$7$F$$$F!$(B
/etc/hosts.allow$B$r@_Dj$7$J$1$l$PB>$+$i(Bnfs mount$B$G$-$^$9!%(B

$BNc$($P(B
192.168.0.2	gonta.hoge
$B$,$A$c$s$H(BDNS$B$G=g0z!$5U0z=PMh$k$H$7$^$9!%(B
ALL : gonta.hoge : allow
ALL : ALL : deny
$B$G(Bgonta.hoge$B$+$i(Bnfs mount$B$r$9$k$H(B
portmap[313]: connect from 192.168.0.2 to getport(mountd): request from unauthorized host
$B$H$J$j$^$9!%$7$+$7!$(B
ALL : 192.168.0.2 : allow
ALL : ALL : deny
$B$J$i$P(Bgrant$B$G$9!%$D$^$j!$(Bportmap$B$N>l9g!$A4A3L>A02r7h(B($B5U0z(B?)
$B$,=PMh$F$$$^$;$s!%(B

$B$7$+$7!$(Binetd$B$+$i5/F0$5$l$k(Bin.ftpd$B$J$I$O$I$A$i$G$b(Bgrant$B$G$9!%(B
$B$^$?!$(BNetBSD 1.4$B$N>l9g$OLdBj$J$/$I$A$i$b(Bgrant$B$G$9!%(B

P.S.
$B$I$J$?$+$*JV;v2<$5$$!%(B(;_;)
$B$b$7$+$7$FA4A34*0c$$$7$F$$$^$9$+(B?


--
Keisuke Inoue <keisuke@csl.sony.co.jp>
SONY Computer Science Laboratories Inc.
