1 | .TH TCPDCHK 8 |
---|
2 | .SH NAME |
---|
3 | tcpdchk \- tcp wrapper configuration checker |
---|
4 | .SH SYNOPSYS |
---|
5 | tcpdchk [-a] [-d] [-i inet_conf] [-v] |
---|
6 | .SH DESCRIPTION |
---|
7 | .PP |
---|
8 | \fItcpdchk\fR examines your tcp wrapper configuration and reports all |
---|
9 | potential and real problems it can find. The program examines the |
---|
10 | \fItcpd\fR access control files (by default, these are |
---|
11 | \fI/etc/hosts.allow\fR and \fI/etc/hosts.deny\fR), and compares the |
---|
12 | entries in these files against entries in the \fIinetd\fR or \fItlid\fR |
---|
13 | network configuration files. |
---|
14 | .PP |
---|
15 | \fItcpdchk\fR reports problems such as non-existent pathnames; services |
---|
16 | that appear in \fItcpd\fR access control rules, but are not controlled |
---|
17 | by \fItcpd\fR; services that should not be wrapped; non-existent host |
---|
18 | names or non-internet address forms; occurrences of host aliases |
---|
19 | instead of official host names; hosts with a name/address conflict; |
---|
20 | inappropriate use of wildcard patterns; inappropriate use of NIS |
---|
21 | netgroups or references to non-existent NIS netgroups; references to |
---|
22 | non-existent options; invalid arguments to options; and so on. |
---|
23 | .PP |
---|
24 | Where possible, \fItcpdchk\fR provides a helpful suggestion to fix the |
---|
25 | problem. |
---|
26 | .SH OPTIONS |
---|
27 | .IP -a |
---|
28 | Report access control rules that permit access without an explicit |
---|
29 | ALLOW keyword. This applies only when the extended access control |
---|
30 | language is enabled (build with -DPROCESS_OPTIONS). |
---|
31 | .IP -d |
---|
32 | Examine \fIhosts.allow\fR and \fIhosts.deny\fR files in the current |
---|
33 | directory instead of the default ones. |
---|
34 | .IP "-i inet_conf" |
---|
35 | Specify this option when \fItcpdchk\fR is unable to find your |
---|
36 | \fIinetd.conf\fR or \fItlid.conf\fR network configuration file, or when |
---|
37 | you suspect that the program uses the wrong one. |
---|
38 | .IP -v |
---|
39 | Display the contents of each access control rule. Daemon lists, client |
---|
40 | lists, shell commands and options are shown in a pretty-printed format; |
---|
41 | this makes it easier for you to spot any discrepancies between what you |
---|
42 | want and what the program understands. |
---|
43 | .SH FILES |
---|
44 | .PP |
---|
45 | The default locations of the \fItcpd\fR access control tables are: |
---|
46 | .PP |
---|
47 | /etc/hosts.allow |
---|
48 | .br |
---|
49 | /etc/hosts.deny |
---|
50 | .SH SEE ALSO |
---|
51 | .na |
---|
52 | .nf |
---|
53 | tcpdmatch(8), explain what tcpd would do in specific cases. |
---|
54 | hosts_access(5), format of the tcpd access control tables. |
---|
55 | hosts_options(5), format of the language extensions. |
---|
56 | inetd.conf(5), format of the inetd control file. |
---|
57 | tlid.conf(5), format of the tlid control file. |
---|
58 | .SH AUTHORS |
---|
59 | .na |
---|
60 | .nf |
---|
61 | Wietse Venema (wietse@wzv.win.tue.nl), |
---|
62 | Department of Mathematics and Computing Science, |
---|
63 | Eindhoven University of Technology |
---|
64 | Den Dolech 2, P.O. Box 513, |
---|
65 | 5600 MB Eindhoven, The Netherlands |
---|
66 | \" @(#) tcpdchk.8 1.3 95/01/08 17:00:30 |
---|