NAME

tcpdchk - tcp wrapper configuration checker

SYNOPSIS

tcpdchk [-a] [-d] [-i inet_conf] [-v]

DESCRIPTION

_t_c_p_d_c_h_k examines your tcp wrapper configuration and reports all potential and real problems it can find. The program examines the _t_c_p_d access control files (by default, these are _/_e_t_c_/_h_o_s_t_s_._a_l_l_o_w and _/_e_t_c_/_h_o_s_t_s_._d_e_n_y), and compares the entries in these files against entries in the _i_n_e_t_d or _t_l_i_d network configuration files.

_t_c_p_d_c_h_k reports problems such as non-existent pathnames; services that appear in _t_c_p_d access control rules, but are not controlled by _t_c_p_d; services that should not be wrapped; non-existent host names or non-internet address forms; occurrences of host aliases instead of official host names; hosts with a name/address conflict; inappropriate use of wildcard patterns; inappropriate use of NIS netgroups or references to non-existent NIS netgroups; references to non-existent options; invalid arguments to options; and so on.

Where possible, _t_c_p_d_c_h_k provides a helpful suggestion to fix the problem.

OPTIONS

-a Report access control rules that permit access without an explicit
ALLOW keyword. This applies only when the extended access control language is enabled (build with -DPROCESS_OPTIONS).
-d Examine _h_o_s_t_s_._a_l_l_o_w and _h_o_s_t_s_._d_e_n_y files in the current
directory instead of the default ones.
-i inet_conf Specify this option when _t_c_p_d_c_h_k is unable to find your
_i_n_e_t_d_._c_o_n_f or _t_l_i_d_._c_o_n_f network configuration file, or when you suspect that the program uses the wrong one.
-v Display the contents of each access control rule. Daemon lists, client
lists, shell commands and options are shown in a pretty-printed format; this makes it easier for you to spot any discrepancies between what you want and what the program understands.

FILES

The default locations of the _t_c_p_d access control tables are:

/etc/hosts.allow
/etc/hosts.deny

SEE ALSO


tcpdmatch(8), explain what tcpd would do in specific cases.
hosts_access(5), format of the tcpd access control tables.
hosts_options(5), format of the language extensions.
inetd.conf(5), format of the inetd control file.

AUTHORS


Wietse Venema (wietse@wzv.win.tue.nl),
Department of Mathematics and Computing Science,
Eindhoven University of Technology
Den Dolech 2, P.O. Box 513,
5600 MB Eindhoven, The Netherlands