hosts 和 hosts.allow 文件之间有什么区别?

hosts 和 hosts.allow 文件之间有什么区别?

hosts 和 hosts.allow 文件之间有什么区别?据我所知,这两个文件似乎都是用于添加允许网络访问的 IP 地址。

以下是我的主机和 hosts.allow 文件:

/etc/hosts  
127.0.0.1   localhost  
127.0.1.1   craig-PE-T130

The following lines are desirable for IPv6 capable hosts  
::1     ip6-localhost ip6-loopback


/etc/hosts.allow  
list of hosts that are allowed to access the system.
See the manual pages hosts_access(5) and hosts_options(5).

Example:    ALL: LOCAL @some_netgroup
            ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
            If you're going to protect the portmapper use the name "rpcbind" for the
            daemon name. See rpcbind(8) and rpc.mountd(8) for further information.

答案1

两者的功能有很大不同。

  1. /etc/hosts用作本地apache实例上的本地 DNS 或nginx根据情况映射domain namesip address 127.0.*.*

    From "man hosts": hosts - static table lookup for hostnames. So when we request a domain 
    in our browser say "mydoman.com", our system checks in the /etc/hosts files to resolve 
    this "domain name" to an "IP address". If we have that entry in the "/etc/hosts" file
    then the page content is served up from our machine files else it look out on the inter-
    net to resolve that name.
    
  2. /etc/host.allow并像控制外部源对机器或网络的访问/etc/hosts.deny一样使用。请注意iptableiptables 和主机访问不能同时使用。要么使用iptables主机访问控制机制,要么使用access control library机制

    Example hosts file entries are
    
    #
    # hosts.allow   This file describes the names of 
    #               the hosts that are allowed to use 
    #               the local INET services, as decided
    #               by the '/usr/sbin/tcpd' server.
    #
    # Only allow connections within the virginia.edu 
    # domain.
    
    ALL: .virginia.edu
    
    
    #
    # hosts.deny    This file describes the names of
    #               the hosts that are *not* allowed 
    #               to use the local INET services, as 
    #               decided by the '/usr/sbin/tcpd' 
    #               server.
    #
    # deny all by default, only allowing hosts or 
    # domains listed in hosts.allow.
    
    ALL: ALL
    

资料来源:

人主机,人hosts_access,弗吉尼亚教育网

答案2

/etc/hosts

是允许在本地主机上进行名称解析的文件。获取 Ipv4 或 IPv6 地址并将其转换为友好名称。

/etc/hosts.allow

由协议用来XDCMP提供允许访问服务的机器列表。

答案3

etc/hosts 

文件用于将域名与 IP 地址关联起来。IP 地址的条目在一行中给出。在当今的系统中,etc/hosts 文件(也称为主机表)被 DNS 服务器抑制。我主要将其用于本地测试。它是操作系统 Internet 协议 (IP) 实现的常见部分。

etc/hosts.allow or etc/hosts.deny

用于允许/拒绝访问不同的服务。

一般来说,这些文件现在已被弃用。如果你想通过这种方式阻止对服务的访问,你需要查找该服务是否已使用 TCP Wrappers 进行编译。防火墙是阻止服务的好方法。

相关内容