Host allow/ Host deny

Hi there guys,

My question is realted to the Host allow and deny configuration.

Is there a way of allowing all in the host allow config?
I assume this would be the best setting if you wanted to be able to login from any machine none IP specific.

Also I have read that host deny is obsolete now. Is that correct?
Note:This may of been only in the distro of fluxbox that i was playing with.

Cheers in advance for any help guys.

Yup, leave /etc/hosts.allow and /etc/hosts.deny as empty files.

Not only obsolete but dangerous in that they can provide a false sense of security.
Use an iptables based firewall instead, I would strongly recommend firehol.

Sample config from a KVM host;


version 5

interface br0 public
server ssh accept src “$SECURE”
server snmp accept src “$MONITOR”
server icmp accept
client all accept

router public_router inface br0 outface any
policy accept

Hopefully this is pretty readable / self-documenting … :slight_smile:
[if you don’t understand this then (a) you don’t need a firewall or (b) you have some reading to do … :wink: ]