2.11BSD/man/cat8/tcpdmatch.0
TCPDMATCH(8) UNIX Programmer's Manual TCPDMATCH(8)
NAME
tcpdmatch - tcp wrapper oracle
SYNOPSYS
tcpdmatch [-d] [-i inet_conf] daemon client
tcpdmatch [-d] [-i inet_conf] daemon[@server] [user@]client
DESCRIPTION
_�t_�c_�p_�d_�m_�a_�t_�c_�h predicts how the tcp wrapper would handle a
specific request for service. Examples are given below.
The program examines the _�t_�c_�p_�d access control tables (default
/_�e_�t_�c/_�h_�o_�s_�t_�s._�a_�l_�l_�o_�w and /_�e_�t_�c/_�h_�o_�s_�t_�s._�d_�e_�n_�y) and prints its conclu-
sion. For maximal accuracy, it extracts additional informa-
tion from your _�i_�n_�e_�t_�d or _�t_�l_�i_�d network configuration file.
When _�t_�c_�p_�d_�m_�a_�t_�c_�h finds a match in the access control tables,
it identifies the matched rule. In addition, it displays the
optional shell commands or options in a pretty-printed for-
mat; this makes it easier for you to spot any discrepancies
between what you want and what the program understands.
ARGUMENTS
The following two arguments are always required:
daemon
A daemon process name. Typically, the last component of
a daemon executable pathname.
client
A host name or network address, or one of the `unknown'
or `paranoid' wildcard patterns.
When a client host name is specified, _�t_�c_�p_�d_�m_�a_�t_�c_�h gives a
prediction for each address listed for that client.
When a client address is specified, _�t_�c_�p_�d_�m_�a_�t_�c_�h predicts
what _�t_�c_�p_�d would do when client name lookup fails.
Optional information specified with the _�d_�a_�e_�m_�o_�n@_�s_�e_�r_�v_�e_�r form:
server
A host name or network address, or one of the `unknown'
or `paranoid' wildcard patterns. The default server
name is `unknown'.
Optional information specified with the _�u_�s_�e_�r@_�c_�l_�i_�e_�n_�t form:
user A client user identifier. Typically, a login name or a
numeric userid. The default user name is `unknown'.
Printed 11/24/99 1
TCPDMATCH(8) UNIX Programmer's Manual TCPDMATCH(8)
OPTIONS
-d Examine _�h_�o_�s_�t_�s._�a_�l_�l_�o_�w and _�h_�o_�s_�t_�s._�d_�e_�n_�y files in the current
directory instead of the default ones.
-i inet_conf
Specify this option when _�t_�c_�p_�d_�m_�a_�t_�c_�h is unable to find
your _�i_�n_�e_�t_�d._�c_�o_�n_�f or _�t_�l_�i_�d._�c_�o_�n_�f network configuration
file, or when you suspect that the program uses the
wrong one.
EXAMPLES
To predict how _�t_�c_�p_�d would handle a telnet request from the
local system:
tcpdmatch in.telnetd localhost
The same request, pretending that hostname lookup failed:
tcpdmatch in.telnetd 127.0.0.1
The predict what tcpd would do when the client name does not
match the client address:
tcpdmatch in.telnetd paranoid
On some systems, daemon names have no `in.' prefix, or
_�t_�c_�p_�d_�m_�a_�t_�c_�h may need some help to locate the inetd configura-
tion file.
FILES
The default locations of the _�t_�c_�p_�d access control tables are:
/etc/hosts.allow
/etc/hosts.deny
SEE ALSO
tcpdchk(8), tcpd configuration checker
hosts_access(5), format of the tcpd access control tables.
hosts_options(5), format of the language extensions.
inetd.conf(5), format of the inetd control file.
tlid.conf(5), format of the tlid control file.
AUTHORS
Wietse Venema (wietse@wzv.win.tue.nl),
Department of Mathematics and Computing Science,
Eindhoven University of Technology
Den Dolech 2, P.O. Box 513,
5600 MB Eindhoven, The Netherlands
Printed 11/24/99 2