hosts.deny.j2 1.1 KB

123456789101112131415161718192021222324252627282930313233
  1. {% if ansible_prolog -%}
  2. {% from 'templates/ansible/prolog.j2' import prolog with context %}
  3. {{ prolog() }}
  4. {% endif -%}
  5. # /etc/hosts.deny: list of hosts that are _not_ allowed to access the system.
  6. # See the manual pages hosts_access(5) and hosts_options(5).
  7. #
  8. # Example: ALL: some.host.name, .some.domain
  9. # ALL EXCEPT in.fingerd: other.host.name, .other.domain
  10. #
  11. # If you're going to protect the portmapper use the name "portmap" for the
  12. # daemon name. Remember that you can only use the keyword "ALL" and IP
  13. # addresses (NOT host or domain names) for the portmapper, as well as for
  14. # rpc.mountd (the NFS mount daemon). See portmap(8) and rpc.mountd(8)
  15. # for further information.
  16. #
  17. # The PARANOID wildcard matches any host whose name does not match its
  18. # address.
  19. #
  20. # You may wish to enable this to ensure any programs that don't
  21. # validate looked up hostnames still leave understandable logs. In past
  22. # versions of Debian this has been the default.
  23. # ALL: PARANOID
  24. {% if host_deny_paranoid %}
  25. ALL: PARANOID
  26. {% endif %}
  27. {% if hosts_deny_nfs %}
  28. portmap: ALL
  29. lockd: ALL
  30. mountd: ALL
  31. rquotad: ALL
  32. statd: ALL
  33. {% endif %}