TCPDMATCH(8) UNIX Programmer's Manual TCPDMATCH(8) NAME tcpdmatch - tcp wrapper oracle SYNOPSYS tcpdmatch [-d] [-i inet_conf] daemon client tcpdmatch [-d] [-i inet_conf] daemon[@server] [user@]client DESCRIPTION _t_c_p_d_m_a_t_c_h predicts how the tcp wrapper would handle a specific request for service. Examples are given below. The program examines the _t_c_p_d access control tables (default /_e_t_c/_h_o_s_t_s._a_l_l_o_w and /_e_t_c/_h_o_s_t_s._d_e_n_y) and prints its conclu- sion. For maximal accuracy, it extracts additional informa- tion from your _i_n_e_t_d or _t_l_i_d network configuration file. When _t_c_p_d_m_a_t_c_h finds a match in the access control tables, it identifies the matched rule. In addition, it displays the optional shell commands or options in a pretty-printed for- mat; this makes it easier for you to spot any discrepancies between what you want and what the program understands. ARGUMENTS The following two arguments are always required: daemon A daemon process name. Typically, the last component of a daemon executable pathname. client A host name or network address, or one of the `unknown' or `paranoid' wildcard patterns. When a client host name is specified, _t_c_p_d_m_a_t_c_h gives a prediction for each address listed for that client. When a client address is specified, _t_c_p_d_m_a_t_c_h predicts what _t_c_p_d would do when client name lookup fails. Optional information specified with the _d_a_e_m_o_n@_s_e_r_v_e_r form: server A host name or network address, or one of the `unknown' or `paranoid' wildcard patterns. The default server name is `unknown'. Optional information specified with the _u_s_e_r@_c_l_i_e_n_t form: user A client user identifier. Typically, a login name or a numeric userid. The default user name is `unknown'. Printed 11/24/99 1 TCPDMATCH(8) UNIX Programmer's Manual TCPDMATCH(8) OPTIONS -d Examine _h_o_s_t_s._a_l_l_o_w and _h_o_s_t_s._d_e_n_y files in the current directory instead of the default ones. -i inet_conf Specify this option when _t_c_p_d_m_a_t_c_h is unable to find your _i_n_e_t_d._c_o_n_f or _t_l_i_d._c_o_n_f network configuration file, or when you suspect that the program uses the wrong one. EXAMPLES To predict how _t_c_p_d would handle a telnet request from the local system: tcpdmatch in.telnetd localhost The same request, pretending that hostname lookup failed: tcpdmatch in.telnetd 127.0.0.1 The predict what tcpd would do when the client name does not match the client address: tcpdmatch in.telnetd paranoid On some systems, daemon names have no `in.' prefix, or _t_c_p_d_m_a_t_c_h may need some help to locate the inetd configura- tion file. FILES The default locations of the _t_c_p_d access control tables are: /etc/hosts.allow /etc/hosts.deny SEE ALSO tcpdchk(8), tcpd configuration checker hosts_access(5), format of the tcpd access control tables. hosts_options(5), format of the language extensions. inetd.conf(5), format of the inetd control file. tlid.conf(5), format of the tlid control file. AUTHORS Wietse Venema (wietse@wzv.win.tue.nl), Department of Mathematics and Computing Science, Eindhoven University of Technology Den Dolech 2, P.O. Box 513, 5600 MB Eindhoven, The Netherlands Printed 11/24/99 2