Bug 175460

Summary: hosts.deny matches on non-matching hosts
Product: [Fedora] Fedora Reporter: Matt Castelein <matt.castelein>
Component: tcp_wrappersAssignee: Tomas Janousek <tjanouse>
Status: CLOSED WORKSFORME QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 4CC: tjanouse
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-01-18 11:19:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Matt Castelein 2005-12-11 02:13:49 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20051012 Netscape/8.0.4

Description of problem:
tcp_wrappers is denying connections from 192.168.1.117.. after commenting out line by line in hosts.deny I have determined it is matching on the line "ALL:209.234.0.0/255.255.0.0"

I also modified this to "ALL:209.234." and it still matches.

Version-Release number of selected component (if applicable):
tpc_wrappers-7.6-39

How reproducible:
Always

Steps to Reproduce:
1.I uncomment the line in hosts.deny
2.requests from 192.168.1.117 are denied
3.
  

Actual Results:  I was unable to connect to the computer from the local subnet

Expected Results:  I should have been able to connect

Additional info:
Comment 1 Tomas Janousek 2007-01-17 13:23:48 UTC 
I can't reproduce this, what service do you connect to?
Is this still of an issue?
Comment 2 Matt Castelein 2007-01-17 14:23:42 UTC 
The services we were trying to use were SSH and telnet.  We have since moved to
FC5 and are now using iptables, therefore I am uncertain if this problem still
exists.
Comment 3 Tomas Janousek 2007-01-18 11:19:17 UTC 
I was unable to reproduce this with SSH neither so I'm closing with WORKSFORME.
Feel free to reopen (and change the distro version) if you encounter this issue
again.