summaryrefslogtreecommitdiff
path: root/tcpdmatch.8
diff options
context:
space:
mode:
Diffstat (limited to 'tcpdmatch.8')
-rw-r--r--tcpdmatch.898
1 files changed, 98 insertions, 0 deletions
diff --git a/tcpdmatch.8 b/tcpdmatch.8
new file mode 100644
index 0000000..ebd8c78
--- /dev/null
+++ b/tcpdmatch.8
@@ -0,0 +1,98 @@
+.TH TCPDMATCH 8
+.SH NAME
+tcpdmatch \- tcp wrapper oracle
+.SH SYNOPSYS
+tcpdmatch [-d] [-i inet_conf] daemon client
+.sp
+tcpdmatch [-d] [-i inet_conf] daemon[@server] [user@]client
+.SH DESCRIPTION
+.PP
+\fItcpdmatch\fR predicts how the tcp wrapper would handle a specific
+request for service. Examples are given below.
+.PP
+The program examines the \fItcpd\fR access control tables (default
+\fI/etc/hosts.allow\fR and \fI/etc/hosts.deny\fR) and prints its
+conclusion. For maximal accuracy, it extracts additional information
+from your \fIinetd\fR or \fItlid\fR network configuration file.
+.PP
+When \fItcpdmatch\fR finds a match in the access control tables, it
+identifies the matched rule. In addition, it displays the optional
+shell commands or options in a pretty-printed format; this makes it
+easier for you to spot any discrepancies between what you want and what
+the program understands.
+.SH ARGUMENTS
+The following two arguments are always required:
+.IP daemon
+A daemon process name. Typically, the last component of a daemon
+executable pathname.
+.IP client
+A host name or network address, or one of the `unknown' or `paranoid'
+wildcard patterns.
+.sp
+When a client host name is specified, \fItcpdmatch\fR gives a
+prediction for each address listed for that client.
+.sp
+When a client address is specified, \fItcpdmatch\fR predicts what
+\fItcpd\fR would do when client name lookup fails.
+.PP
+Optional information specified with the \fIdaemon@server\fR form:
+.IP server
+A host name or network address, or one of the `unknown' or `paranoid'
+wildcard patterns. The default server name is `unknown'.
+.PP
+Optional information specified with the \fIuser@client\fR form:
+.IP user
+A client user identifier. Typically, a login name or a numeric userid.
+The default user name is `unknown'.
+.SH OPTIONS
+.IP -d
+Examine \fIhosts.allow\fR and \fIhosts.deny\fR files in the current
+directory instead of the default ones.
+.IP "-i inet_conf"
+Specify this option when \fItcpdmatch\fR is unable to find your
+\fIinetd.conf\fR or \fItlid.conf\fR network configuration file, or when
+you suspect that the program uses the wrong one.
+.SH EXAMPLES
+To predict how \fItcpd\fR would handle a telnet request from the local
+system:
+.sp
+.ti +5
+tcpdmatch in.telnetd localhost
+.PP
+The same request, pretending that hostname lookup failed:
+.sp
+.ti +5
+tcpdmatch in.telnetd 127.0.0.1
+.PP
+To predict what tcpd would do when the client name does not match the
+client address:
+.sp
+.ti +5
+tcpdmatch in.telnetd paranoid
+.PP
+On some systems, daemon names have no `in.' prefix, or \fItcpdmatch\fR
+may need some help to locate the inetd configuration file.
+.SH FILES
+.PP
+The default locations of the \fItcpd\fR access control tables are:
+.PP
+/etc/hosts.allow
+.br
+/etc/hosts.deny
+.SH SEE ALSO
+.na
+.nf
+tcpdchk(8), tcpd configuration checker
+hosts_access(5), format of the tcpd access control tables.
+hosts_options(5), format of the language extensions.
+inetd.conf(5), format of the inetd control file.
+tlid.conf(5), format of the tlid control file.
+.SH AUTHORS
+.na
+.nf
+Wietse Venema (wietse@wzv.win.tue.nl),
+Department of Mathematics and Computing Science,
+Eindhoven University of Technology
+Den Dolech 2, P.O. Box 513,
+5600 MB Eindhoven, The Netherlands
+\" @(#) tcpdmatch.8 1.5 96/02/11 17:01:35
View Lorry Controller Status