Subject: Re: telnetd and ftpd won't work
To: T@W <lsp93@xs4all.nl>
From: Jaromír <jdolecek@netbsd.org>
List: port-i386
Date: 02/11/2001 18:18:03
T@W wrote:
> >Do you have tcpwrappers or anything similar set to deny connections
> >from the other boxes? Check /etc/hosts.deny and /etc/hosts.allow.
> 
> Isn't /etc/hosts.deny redundant and therefore should be ignored/deleted?

Each file does different things, see e.g. hosts.deny(8).
- hosts.allow lists hosts which should be allowed to connect to given service
- otherwise, hosts.deny lists hosts which should be denied a connection
- if host doesn't match any entry in either of those files, access is granted

This makes it easy to e.g. deny access for a group of hosts, but still
allow connections for a particular subgroup.

While this could be done with a single configuration file instead of two,
with some kind of special grammar to differentiate between deny and
allow entries, I like the separation into two different files better.
This makes it very clear whether the given group of hosts has access denied
or allowed; it's less error-prone this way IMHO.

Jaromir
-- 
Jaromir Dolecek <jdolecek@NetBSD.org>      http://www.ics.muni.cz/~dolecek/
@@@@  Wanna a real operating system ? Go and get NetBSD, dammit!  @@@@
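To make the lookup order Jaromir describes concrete, here is an added example (not from the thread or from NetBSD's tcp_wrappers itself) that models the hosts.allow/hosts.deny decision in Python. It is a deliberately simplified reimplementation: it understands only the basic `daemon_list : client_list` form with `ALL`, exact hosts, leading-dot domain suffixes and trailing-dot network prefixes, and it takes the client address as a plain string rather than doing the reverse-DNS lookup the real library performs; the sample rules are constructed for the illustration.

```python
"""Simplified model of the tcp_wrappers hosts.allow / hosts.deny lookup order."""


def parse_access_file(text):
    """Parse 'daemon_list : client_list' lines into (daemons, clients) rules.
    Comments and blank lines are skipped; EXCEPT, netmasks and shell commands
    from the real hosts_access(5) syntax are not modelled."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        daemons, clients = line.split(":", 1)
        rules.append(({d.strip() for d in daemons.split(",")},
                      {c.strip() for c in clients.split(",")}))
    return rules


def client_matches(pattern, host):
    """Match one client pattern against a hostname or dotted IP address."""
    if pattern == "ALL":
        return True
    if pattern.startswith("."):          # domain suffix, e.g. .example.com
        return host.endswith(pattern)
    if pattern.endswith("."):            # network prefix, e.g. 192.168.1.
        return host.startswith(pattern)
    return pattern == host


def rule_matches(rules, daemon, host):
    """True if any rule names this daemon (or ALL) and matches the host."""
    return any((daemon in daemons or "ALL" in daemons)
               and any(client_matches(p, host) for p in clients)
               for daemons, clients in rules)


def access_granted(allow_text, deny_text, daemon, host):
    """A match in hosts.allow grants; otherwise a match in hosts.deny refuses;
    a host matching neither file is granted access."""
    if rule_matches(parse_access_file(allow_text), daemon, host):
        return True
    if rule_matches(parse_access_file(deny_text), daemon, host):
        return False
    return True


# Constructed sample: deny the whole 192.168.1. network for telnetd and ftpd,
# but still allow one particular workstation from that network.
HOSTS_ALLOW = "telnetd, ftpd : 192.168.1.10\n"
HOSTS_DENY = "telnetd, ftpd : 192.168.1.   # rest of the LAN\n"

if __name__ == "__main__":
    for host in ("192.168.1.10", "192.168.1.20", "10.0.0.5"):
        print(host, access_granted(HOSTS_ALLOW, HOSTS_DENY, "telnetd", host))
```

Because hosts.allow is consulted first, the single allowed workstation wins over the network-wide deny entry, which is exactly the "deny the group, allow the subgroup" arrangement the message describes.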