using innd with tcp_wrappers

Russ Allbery rra at
Wed Mar 14 15:41:07 UTC 2007

Bill Tangren <bjt at> writes:

> I'm trying to restrict access to my server by using hosts.deny and
> hosts.allow.  The problem I'm having is that if I put


> in hosts.deny, then my users can no longer get access to news
> groups. Does anyone know the magic words to place into hosts.allow to
> unblock newsgroup access? I allow use of port 119 only on the server
> itself (for whomever is sitting at the console), via the innd service. I
> allow outside connections only on port 563, via an xinetd service (the
> two use different readers.conf files).

INN itself doesn't link with TCP wrappers, so it's not the one imposing
the restriction.  In your case, xinetd is probably what's doing this, and
probably only on port 563.  Adding something like:

    nnrpd: ALL

to hosts.allow will probably do it if my guesses are right.

Russ Allbery (rra at             <>

    Please send questions to the list rather than mailing me directly.
     <> explains why.

More information about the inn-workers mailing list