tcpdmatch predicts how the tcp wrapper would handle a specific request for service. Examples are given below.
The program examines the tcpd access control tables (default /etc/hosts.allow and /etc/hosts.deny) and prints its conclusion. For maximal accuracy, it extracts additional information from your inetd or tlid network configuration file.
The following two arguments are always required:
A daemon process name. Typically, the last component of a daemon executable pathname.
A host name or network address, or one of the `unknown' or `paranoid' wildcard patterns.
When a client host name is specified, tcpdmatch gives a prediction for each address listed for that client.
When a client address is specified, tcpdmatch predicts what tcpd would do when client name lookup fails.
Optional information specified with the daemon@server form:
A host name or network address, or one of the `unknown' or `paranoid' wildcard patterns. The default server name is `unknown'.
Optional information specified with the user@client form:
Examine hosts.allow and hosts.deny files in the current directory instead of the default ones.
To predict how tcpd would handle a telnet request from the local system:
tcpdmatch in.telnetd localhost
The same request, pretending that hostname lookup failed:
tcpdmatch in.telnetd 127.0.0.1
To predict what tcpd would do when the client name does not match the client address:
tcpdmatch in.telnetd paranoid
The default locations of the tcpd access control tables are: