tcpdmatch

NAME

       tcpdmatch - tcp wrapper oracle

SYNOPSYS

       tcpdmatch [-d] [-i inet_conf] daemon client

       tcpdmatch     [-d]    [-i    inet_conf]    daemon[@server]
       [user@]client

DESCRIPTION

       tcpdmatch predicts how the tcp wrapper would handle a spe-
       cific request for service.  Examples are given below.

       The  program  examines  the  tcpd  access  control  tables
       (default /etc/hosts.allow and /etc/hosts.deny) and  prints
       its  conclusion.   For maximal accuracy, it extracts addi-
       tional information from your inetd or tlid network config-
       uration file.

       When tcpdmatch finds a match in the access control tables,
       it identifies the matched rule. In addition,  it  displays
       the optional shell commands or options in a pretty-printed
       format; this makes it easier for you to spot any  discrep-
       ancies  between  what you want and what the program under-
       stands.

ARGUMENTS

       The following two arguments are always required:

       daemon A daemon process name. Typically, the  last  compo-
              nent of a daemon executable pathname.

       client A  host  name  or  network  address,  or one of the
              `unknown' or `paranoid' wildcard patterns.

              When a client host  name  is  specified,  tcpdmatch
              gives a prediction for each address listed for that
              client.

              When a client address is specified, tcpdmatch  pre-
              dicts  what  tcpd  would do when client name lookup
              fails.

       Optional  information  specified  with  the  daemon@server
       form:

       server A  host  name  or  network  address,  or one of the
              `unknown'  or  `paranoid'  wildcard  patterns.  The
              default server name is `unknown'.

       Optional information specified with the user@client form:

       user   A  client  user identifier. Typically, a login name
              or a numeric userid.   The  default  user  name  is
              `unknown'.

OPTIONS

       -d     Examine  hosts.allow  and  hosts.deny  files in the
              current directory instead of the default ones.

       -i inet_conf
              Specify this option when  tcpdmatch  is  unable  to
              find  your inetd.conf or tlid.conf network configu-
              ration file, or when you suspect that  the  program
              uses the wrong one.

EXAMPLES

       To predict how tcpd would handle a telnet request from the
       local system:

            tcpdmatch in.telnetd localhost

       The same request, pretending that hostname lookup failed:

            tcpdmatch in.telnetd 127.0.0.1

       The predict what tcpd would do when the client  name  does
       not match the client address:

            tcpdmatch in.telnetd paranoid

       On  some  systems,  daemon  names have no `in.' prefix, or
       tcpdmatch may need some help to locate the inetd  configu-
       ration file.

FILES

       The  default  locations  of the tcpd access control tables
       are:

       /etc/hosts.allow
       /etc/hosts.deny

SEE ALSO

       tcpdchk(8), tcpd configuration checker
       hosts_access(5), format of the tcpd access control tables.
       hosts_options(5), format of the language extensions.
       inetd.conf(5), format of the inetd control file.
       tlid.conf(5), format of the tlid control file.

AUTHORS

       Wietse Venema (wietse@wzv.win.tue.nl),
       Department of Mathematics and Computing Science,
       Eindhoven University of Technology
       Den Dolech 2, P.O. Box 513,
       5600 MB Eindhoven, The Netherlands