TCP Wrappers

From Webmin Documentation
Jump to: navigation, search

The TCP Wrappers module uses a simple access control language that is based on client (host name/address, user name), and server (process name, host name/address) patterns.

An extended version of the access control language is described in the hosts_options(5) document. The extensions are turned on at program build time by building with -DPROCESS_OPTIONS.

Access Control Files

The access control software consults two files. The search stops at the first match:

  • Access will be granted when a (daemon, client) pair matches an entry in the /etc/hosts.allow file.
  • Otherwise, access will be denied when a (daemon, client) pair matches an entry in the /etc/hosts.deny file.
  • Otherwise, access will be granted.

A non-existing access control file is treated as if it were an empty file. Thus, access control can be turned off by providing no access control files.