[Nut-upsuser] Access restriction on Upgrade Debian lenny -> Debian squeeze

Lukas Haase lukashaase at gmx.at
Fri Mar 11 10:50:41 UTC 2011

Am 11.03.2011 10:32, schrieb Arnaud Quette:
> [...]
> a full chapter of the user documentation focus on all the security
> mechanisms available with NUT, including TCP-Wrappers, Firewall, (SSL)
> authentication and encryption
> http://www.networkupstools.org/docs/user-manual.chunked/ar01s09.html

Aah, thanks for the pointer!
If I understand correctly, /etc/hosts.deny and .allow should provide the 
same functionality as allowFrom/ACL/ALLOW/REJECT.

Fortunately the Debian package is linked to libwrap0 which should 
provide this funtionality, should it?!

Nevertheless, I do not understand why you use "ups" in hosts.allow and 
"upsd" in hosts.deny?

I somehow tried both but it does somehow not work as expected.

When I add

ups : ALL
upsd : ALL

to hosts.deny, then no communication should be possible. However, I can 
access the statistics from another host running upsstats.cgi!

I also tested with "upsc denchi at localhost" - it always works!

However, running upsmon I get the following error in syslog:

upsmon[20181]: Startup successful
upsmon[20184]: Login on UPS [denchi at localhost] failed - got [ERR 

When I add

upsd : monmaster at

to hosts.allow

it works:

upsmon[20213]: Startup successful
upsd[19700]: User monmaster at logged into UPS [denchi]

So it somehow works partially ...

What is the explanation for this?


More information about the Nut-upsuser mailing list