hosts.deny.j2 1.1 KB

12345678910111213141516171819202122232425262728293031323334
  1. {% if ansible_controlled is defined and ansible_controlled != "" %}
  2. #
  3. # {{ ansible_controlled }}
  4. #
  5. {% endif %}
  6. # /etc/hosts.deny: list of hosts that are _not_ allowed to access the system.
  7. # See the manual pages hosts_access(5) and hosts_options(5).
  8. #
  9. # Example: ALL: some.host.name, .some.domain
  10. # ALL EXCEPT in.fingerd: other.host.name, .other.domain
  11. #
  12. # If you're going to protect the portmapper use the name "portmap" for the
  13. # daemon name. Remember that you can only use the keyword "ALL" and IP
  14. # addresses (NOT host or domain names) for the portmapper, as well as for
  15. # rpc.mountd (the NFS mount daemon). See portmap(8) and rpc.mountd(8)
  16. # for further information.
  17. #
  18. # The PARANOID wildcard matches any host whose name does not match its
  19. # address.
  20. #
  21. # You may wish to enable this to ensure any programs that don't
  22. # validate looked up hostnames still leave understandable logs. In past
  23. # versions of Debian this has been the default.
  24. # ALL: PARANOID
  25. {% if host_deny_paranoid %}
  26. ALL: PARANOID
  27. {% endif %}
  28. {% if hosts_deny_nfs %}
  29. portmap: ALL
  30. lockd: ALL
  31. mountd: ALL
  32. rquotad: ALL
  33. statd: ALL
  34. {% endif %}