leafnode fetchnews: получил фиктивное приветствие (498)

futzed вокруг с hosts.allow и hosts.deny очень небезопасным способом:

thufir@arrakis:~$ 
thufir@arrakis:~$ cat /etc/hosts.allow 
# /etc/hosts.allow: list of hosts that are allowed to access the system.
#                   See the manual pages hosts_access(5) and hosts_options(5).
#
# Example:    ALL: LOCAL @some_netgroup
#             ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
#
# If you're going to protect the portmapper use the name "rpcbind" for the
# daemon name. See rpcbind(8) and rpc.mountd(8) for further information.
#

#-- leafnode begin
leafnode: 192.168.1.7
leafnode: 127.0.0.1
#-- leafnode end
thufir@arrakis:~$ 
thufir@arrakis:~$ cat /etc/hosts.deny 
# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system.
#                  See the manual pages hosts_access(5) and hosts_options(5).
#
# Example:    ALL: some.host.name, .some.domain
#             ALL EXCEPT in.fingerd: other.host.name, .other.domain
#
# If you're going to protect the portmapper use the name "rpcbind" for the
# daemon name. See rpcbind(8) and rpc.mountd(8) for further information.
#
# The PARANOID wildcard matches any host whose name does not match its
# address.
#
# You may wish to enable this to ensure any programs that don't
# validate looked up hostnames still leave understandable logs. In past
# versions of Debian this has been the default.
# ALL: PARANOID

#-- leafnode begin
#leafnode: ALL
#-- leafnode end
thufir@arrakis:~$ 

и игнорировал все предупреждения в тонкой инструкции для каждого файла конфигурации:

## By default, leafnode only serves connections from addresses in the
## local networks and drops those from outside. An IPv4 address, or an
## IPv6 address on computers that provide the getifaddrs() interface is
## considered local if it is within the networks (IP/netmask) of the local
## interfaces. On computers that lack the getifaddrs() interface, an
## IPv6 address is considered local if it is site-local, link-local or
## the loopback address (::1).
##
## You can enable remote access by doing:
## 1. enabling access for single static IPs (or subnetworks) through
##    your super server (xinetd, tcpserver) or, if the service is wrapped by
##    tcpd, hosts.allow/hosts.deny configuration,
## 2. disabling access for all other hosts (default to deny),
## 3. testing that "deny" works, to avoid abuse of your server,
## 4. uncommenting this option, capitalizing the "strangers" subword and
##    setting the value to 42.
##
## WARNING: ENABLING THIS OPTION IS DANGEROUS. YOU AGREE TO BE LIABLE
## FOR ALL ABUSE OF YOUR SERVER WHEN THIS OPTION IS ENABLED.
## IF ANYTHING ABOUT ITEMS 1. TO 3. ABOVE IS UNCLEAR, DO NOT ENABLE THIS!
## IF YOU ARE NOT FAMILIAR WITH ACCESS CONTROL, OR YOUR CLIENTS ARE ON
## DYNAMIC IPS, YOU MUST NOT ENABLE THIS. (You can use other, authenticated,
## methods of access instead, for instance SSH tunnels.)
##
#

allowSTRANGERS = 42

сейчас, sorta, kinda works. очевидно, не является хорошим решением.

futzed вокруг с hosts.allow и hosts.deny очень небезопасным способом:

и игнорировал все предупреждения в тонкой инструкции для каждого файла конфигурации:

сейчас, sorta, kinda works. очевидно, не является хорошим решением.

futzed вокруг с hosts.allow и hosts.deny очень небезопасным способом:

и игнорировал все предупреждения в тонкой инструкции для каждого файла конфигурации:

сейчас, sorta, kinda works. очевидно, не является хорошим решением.