12-18-2003
We on this site expect users to read and follow the rules for the benefit of the entire community.
If users would like admins and moderators to be patient, then users should also be patient and take the time to read the rules and to follow them (all of them). The rules work well and have purpose.
One of the most important rules is to search the forums before asking questions. All of the admins and moderators have other jobs and it is up to the poster to respect that and to do some homework on their own before asking for help.
Also, I think the moderators here do a great job. They will, however, encourage all posters to read the rules and to search before posting. If you have a particular problem with a specfic post, please post the link in this thread and your concerns.
I can take action on specifics as the administrator. Do you have a particular post or reply you find offensive?
Neo
10 More Discussions You Might Find Interesting
1. UNIX Desktop Questions & Answers
Hey all,
I'm brand new to Unix/Linux and have a couple of questions. I own a small education/consulting company that has a staff of approx. 50 employees. Most our work is geared towards the office-style environment (i.e. Word, Excel, Powerpoint, etc.). There are also some C and Java programmers... (4 Replies)
Discussion started by: dennie1
4 Replies
2. Solaris
Ladies/Gentlemen,
I am looking for a web-based tool to keep track of my Sun inventory. The following list of fields are fields I would like to store: Root Passwd (needs to be secure) / Hostid / Console Port / IP Address / Platform / Application / Hostname . . . you get the point.
Do any of... (4 Replies)
Discussion started by: pc9456
4 Replies
3. UNIX for Dummies Questions & Answers
i'm trying to figure out a script that uses sed, and i'm not totally sure if it does what I think it does.
The script...
- takes in 3 inputs, $1, $2 are names. $3 is a file.
- filename is a file.
Here is what I'm trying to figure out:
cat $3 | grep "id17" > var2
sed "s|@@.*||g" var2 >... (1 Reply)
Discussion started by: gammaman
1 Replies
4. UNIX for Dummies Questions & Answers
Hello,
I get the following in one of my error logs:
Device /dev/sda, SATA disks accessed
via libata are not currently supported by smartmontools. When libata is
given an ATA
pass-thru ioctl() then an additional '-d libata' device type will be
added to smartmontools.
---------------
I... (0 Replies)
Discussion started by: mojoman
0 Replies
5. UNIX and Linux Applications
Hello,
I get the following in one of my error logs:
Device /dev/sda, SATA disks accessed
via libata are not currently supported by smartmontools. When libata is
given an ATA
pass-thru ioctl() then an additional '-d libata' device type will be
added to smartmontools.
---------------
... (1 Reply)
Discussion started by: mojoman
1 Replies
6. UNIX for Advanced & Expert Users
This perhaps does not belong in ths category; apologies, however, we have a heated debate going and your input will decide the result.
Should UNIX (HP, AIX, etc) be rebooted following a monthly cycle (Every month, or a qtr, etc.). We have some UX admins (grumps) who say they have seen a UX... (6 Replies)
Discussion started by: rsheikh
6 Replies
7. UNIX for Advanced & Expert Users
Hello all,
I want to deny any torrents passing thru linux box that are NOT encrypted. My ISP is doing packet inspection and gives warnings.
I'd like to allow torrents when client sets encryption.
Any thoughts? (5 Replies)
Discussion started by: darkman_hr
5 Replies
8. What is on Your Mind?
Dear Forum staff / Advisors / members ,
I am having something in my mind, about Linux / Unix possible Interview questions collections, I guess if I post them here,which might be useful for our members and for students, and in meantime we can discuss also about those questions, what's your... (4 Replies)
Discussion started by: Akshay Hegde
4 Replies
9. Shell Programming and Scripting
:wall:I've this simple code:
STF=/opt/aaa
cat $STF | nice sort -u > $STF.new && mv $STF.new $STF
Which works until today. What happened is that this script has been corrupted the FS, so I've to use fschk to repair the filesystem.
I presume the move command executed just a little too early... (1 Reply)
Discussion started by: accolito
1 Replies
10. AIX
Why Do We Need Root on the HMC?
In this article in IBMSystems Magazine Rob McNelly asked the question
Why Don't We Have Root on the HMC?
and he goes on to justify why we indeed shouldn't have root - kinda. I think his arguments are not as valid as he perhaps thinks they are and what's more... (11 Replies)
Discussion started by: bakunin
11 Replies
tcprules(1) General Commands Manual tcprules(1)
NAME
tcprules - compile rules for tcpserver
SYNOPSIS
tcprules rules.cdb rules.tmp
OVERVIEW
tcpserver optionally follows rules to decide whether a TCP connection is acceptable. For example, a rule of
18.23.0.32:deny
prohibits connections from IP address 18.23.0.32.
tcprules reads rules from its standard input and writes them into rules.cdb in a binary format suited for quick access by tcpserver.
tcprules can be used while tcpserver is running: it ensures that rules.cdb is updated atomically. It does this by first writing the rules
to rules.tmp and then moving rules.tmp on top of rules.cdb. If rules.tmp already exists, it is destroyed. The directories containing
rules.cdb and rules.tmp must be writable to tcprules; they must also be on the same filesystem.
If there is a problem with the input, tcprules complains and leaves rules.cdb alone.
The binary rules.cdb format is portable across machines.
RULE FORMAT
A rule takes up one line. A file containing rules may also contain comments: lines beginning with # are ignored.
Each rule contains an address, a colon, and a list of instructions, with no extra spaces. When tcpserver receives a connection from that
address, it follows the instructions.
ADDRESSES
tcpserver starts by looking for a rule with address TCPREMOTEINFO@TCPREMOTEIP. If it doesn't find one, or if TCPREMOTEINFO is not set, it
tries the address TCPREMOTEIP. If that doesn't work, it tries shorter and shorter prefixes of TCPREMOTEIP ending with a dot. If none of
them work, it tries the empty string.
For example, here are some rules:
joe@127.0.0.1:first
18.23.0.32:second
127.:third
:fourth
::1:fifth
If TCPREMOTEIP is 10.119.75.38, tcpserver will follow the fourth instructions.
If TCPREMOTEIP is ::1, tcpserver will follow the fifth instructions. Note that you cannot detect IPv4 mapped addresses by matching
"::ffff", as those addresses will be converted to IPv4 before looking at the rules.
If TCPREMOTEIP is 18.23.0.32, tcpserver will follow the second instructions.
If TCPREMOTEINFO is bill and TCPREMOTEIP is 127.0.0.1, tcpserver will follow the third instructions.
If TCPREMOTEINFO is joe and TCPREMOTEIP is 127.0.0.1, tcpserver will follow the first instructions.
ADDRESS RANGES
tcprules treats 1.2.3.37-53:ins as an abbreviation for the rules 1.2.3.37:ins, 1.2.3.38:ins, and so on up through 1.2.3.53:ins. Similarly,
10.2-3.:ins is an abbreviation for 10.2.:ins and 10.3.:ins.
INSTRUCTIONS
The instructions in a rule must begin with either allow or deny. deny tells tcpserver to drop the connection without running anything.
For example, the rule
:deny
tells tcpserver to drop all connections that aren't handled by more specific rules.
The instructions may continue with some environment variables, in the format ,VAR="VALUE". tcpserver adds VAR=VALUE to the current envi-
ronment. For example,
10.0.:allow,RELAYCLIENT="@fix.me"
adds RELAYCLIENT=@fix.me to the environment. The quotes here may be replaced by any repeated character:
10.0.:allow,RELAYCLIENT=/@fix.me/
Any number of variables may be listed:
127.0.0.1:allow,RELAYCLIENT="",TCPLOCALHOST="movie.edu"
SEE ALSO
tcprulescheck(1), tcpserver(1), tcp-environ(5)
tcprules(1)