Configuring and Managing MPE/iX Internet Services (MPE/iX 6.5)
34 Chapter2
Internet Daemon
inetd Security File
Editing Tips
When you edit the inetd security file, remember the following points:
• To “comment out” a line, begin column 1 with a pound symbol (#). To
enable a security provision that has been commented out, delete the
pound symbol
and
any blank spaces preceding the service name.
• Enter the real service name, not the alias, of a valid service in the
inetd configuration file.
• Separate the IP addresses and domain names by a white space. You
may enter any mix of addresses and names. For example, the
following entry denies Telnet access to host hp22.cup.hp.com, any
hosts on the network named “testlan,” and the host with IP address
192.54.24.5:
telnet deny hp22.cup.hp.com testlan 192.54.24.5
• To continue an entry on the next line, place a slash (/)
at the end
of the line
to be continued. The Internet daemon will ignore a
slash that appears in the middle of the line, continue reading to the
end, and ignore the next line. In this case, it will probably
misinterpret the entry and you will see an error message.
Using Wildcard Characters
You may use wildcard characters (*) in any of the fields of the address
to specify permissions for a group of hosts or networks. This makes it
more convenient to specify an entire network, since you will not need to
specify each host in that network. The following sample entry, for
example, allows all hosts with network addresses starting with a 10, as
well as the single host whose address is 192.54.24.5 to use Telnet:
telnet allow 10.* 192.54.24.5
You cannot use the wildcard character in combination with other
integers in one part of an address field. For example, this entry in the
inetd security file will generate an error message because the second
field includes a 5 followed by the * character:
tftp deny 10.5*
Either integers
or
the wildcard character is allowed in one part of an
address field.