tcpdmatch is a good tool for initially testing access rules before putting them in place.


Based on the rules provided in the hosts.allow and hosts.deny files, wrappers predicts if access is granted or denied. You simply provide it with a daemon name and a IP or host or domain name that you wish to test.

The basic format for tcpdmatch is:

tcpdmatch <daemon> <host>


Where <daemon> is the actual daemon, for example ftpd, and <host> is the IP or hostname

Assume we only have the following access rule in our hosts.allow:

telnetd,sshd:192.168.4. : allow


Tcpdmatch is now ran, parsing it the telnetd daemon name with the IP: The following is output:

# tcpdmatch telnetd
tcpdmatch telnetd
client:   address
server:   process  telnetd
matched:  /etc/hosts.allow line 1
option:   allow
access:   granted