| 123456789101112131415161718192021222324252627282930313233 |
- {% if ansible_prolog -%}
- {% from 'templates/ansible/prolog.j2' import prolog with context %}
- {{ prolog() }}
- {% endif -%}
- # /etc/hosts.deny: list of hosts that are _not_ allowed to access the system.
- # See the manual pages hosts_access(5) and hosts_options(5).
- #
- # Example: ALL: some.host.name, .some.domain
- # ALL EXCEPT in.fingerd: other.host.name, .other.domain
- #
- # If you're going to protect the portmapper use the name "portmap" for the
- # daemon name. Remember that you can only use the keyword "ALL" and IP
- # addresses (NOT host or domain names) for the portmapper, as well as for
- # rpc.mountd (the NFS mount daemon). See portmap(8) and rpc.mountd(8)
- # for further information.
- #
- # The PARANOID wildcard matches any host whose name does not match its
- # address.
- #
- # You may wish to enable this to ensure any programs that don't
- # validate looked up hostnames still leave understandable logs. In past
- # versions of Debian this has been the default.
- # ALL: PARANOID
- {% if host_deny_paranoid %}
- ALL: PARANOID
- {% endif %}
- {% if hosts_deny_nfs %}
- portmap: ALL
- lockd: ALL
- mountd: ALL
- rquotad: ALL
- statd: ALL
- {% endif %}
|
