tcpdmatch
tcpdmatch is a tool that can be used to simulate the
Wrappers daemon program, tcpd’s behaviour for a particular
host and a particular service.
tcpdmatch predicts how the tcp wrapper daemon would handle
a specific service request.The program examines the tcpd access control
tables (default /etc/hosts.allow and /etc/hosts.deny) and prints its
conclusion. For maximum accuracy, it extracts additional information
from the /etc/inetd.conf file.
This is executed on the command line as:
/usr/bin/tcpdmatch [-d] [-i inet_conf] daemon client
/usr/bin/tcpdmatch [-d] [-i inet_conf] daemon@[server] [user@]client
The second syntax can be used when your server has more than
one address or name.
Where
“daemon” is a daemon process name.
“client” is a host name or network address,
or one of the ‘unknown’ or ‘paranoid’ wildcard
patterns.
Optional information specified with the “daemon@server” and “user@client” forms:
“server” is a host name or network address,
or one of the ‘unknown’ or ‘paranoid’ wildcard
patterns. The default server name is ‘unknown’.
“user” is a client user identifier. Typically,
it is a login name or a numeric user id. The default user name is ‘unknown’.
The following example illustrates how tcpd would handle a
ftp request from a local system:
tcpdmatch ftpd localhost
Pretending that the hostname lookup fails, the same request
would be handled by tcpd as follows:
tcpdmatch ftpd 127.0.0.1
To predict what tcpd would do when the client name does not
match the client address:
tcpdmatch ftpd paranoid