On Sun, Feb 11, 2001 at 12:17:01PM -0500, gabriel rosenkoetter wrote:
> On Sun, Feb 11, 2001 at 07:29:18AM +0100, T@W wrote:
> > Isn't /etc/hosts.deny redundant and therefor should be ignored/deleted?
> 
> Uh? No, not at all.
> 
> Have a look at hosts_access(5). Especially:
> 
>        o      Access  will be granted when a (daemon,client) pair
>               matches an entry in the /etc/hosts.allow file.
> 
>        o      Otherwise, access  will  be  denied  when  a  (dae-
>               mon,client)   pair   matches   an   entry   in  the
>               /etc/hosts.deny file.
> 
>        o      Otherwise, access will be granted.

  Well, actually, it is entirely superfluous.  The extended access-control
language (which is supported by the in-tree tcpwrapper code) permits
specification of denials in hosts.allow.  So, you can specify your entire
tcpwrappers configuration in a single file.  See hosts_options(5) for details.