| Author |
Message |
sneaks
Joined: 04 Mar 2009
Posts: 29
|
| Posted: Thu Jan 14, 2010 3:00 am Post subject: hosts.allow in arch linux |
|
|
| So I've been using Debian up until now, when I decided to try out Arch Linux. Loving it so far, but there's something I'm wondering about. When I installed lighttpd via pacman, I couldn't connect to my webpage from the outside, but it worked from localhost. When I added "lighttpd: ALL" to the hosts.allow file, I could connect to it from the outside. I've never had to do this with Debian. Why? Also, sshd isn't in the hosts.allow but I can still connect through ssh. Is there a way to disable this? |
|
| Back to top |
|
CSSX
Joined: 19 Dec 2009
Posts: 3
|
| Posted: Thu Jan 14, 2010 3:10 am Post subject: |
|
|
You might want to take a look at /etc/hosts.deny. By default, it is set
up to deny all incoming connections which is why you have to add
exceptions to /etc/hosts.allow. Also check out man 5 hosts_access. |
|
| Back to top |
|
sneaks
Joined: 04 Mar 2009
Posts: 29
|
| Posted: Thu Jan 28, 2010 5:35 pm Post subject: |
|
|
| I see, thanks for the response. When I took a look in hosts.deny, it was empty. Is it supposed to be this way? Can I disable this "feature"? |
|
| Back to top |
|
CSSX
Joined: 19 Dec 2009
Posts: 3
|
| Posted: Thu Jan 28, 2010 5:55 pm Post subject: |
|
|
| You could put ALL: ALL: ALLOW in your /etc/hosts.allow to allow all incoming connections. |
|
| Back to top |
|
sneaks
Joined: 04 Mar 2009
Posts: 29
|
| Posted: Thu Jan 28, 2010 6:02 pm Post subject: |
|
|
| I read the man and it just said that the hosts.deny could be empty and if it is, the connections will be allowed. This goes against what really happened, so now I'm kind of confused. So by default all connections are rejected even though hosts.deny is empty? |
|
| Back to top |
|
CSSX
Joined: 19 Dec 2009
Posts: 3
|
| Posted: Fri Jan 29, 2010 5:00 am Post subject: |
|
|
| If the manpage says that if /etc/hosts.deny is empty all connections will be allowed, then it is probably so. Maybe something else was blocking your connections? |
|
| Back to top |
|
sneaks
Joined: 04 Mar 2009
Posts: 29
|
| Posted: Fri Jan 29, 2010 2:13 pm Post subject: |
|
|
| Hm that what I'd like to think but when I added lighttpd to my hosts.allow it worked. |
|
| Back to top |
|
Vance
Joined: 18 Jan 2009
Posts: 350
|
| Posted: Sat Jan 30, 2010 5:50 pm Post subject: |
|
|
I recall recently reading an article* discussing this issue and noting differences in behavior between distributions. In some cases this was correctly documented in the relevant man page, but in some it wasn't. There were also mysterious references to a system-wide setting that the author couldn't validate.
In short, your man page might be wrong on this point.
*Sadly, my Google-fu is failing, as I can't locate it again. Perhaps it was all a dream... |
|
| Back to top |
|
sneaks
Joined: 04 Mar 2009
Posts: 29
|
| Posted: Mon Feb 01, 2010 2:19 pm Post subject: |
|
|
| Thanks, that makes things clearer. :) Is there a way I can just disable this entire hosts.allow/hosts.deny thing? |
|
| Back to top |
|
| |
