Ubuntu hosts.allow file is the primary configuration file for TCP Wrapper. We can use hosts.allow file to filter access to our system and to secured a service. Setting up hosts.allow and hosts.deny files like protecting your system with a simple firewall. The complete manual for hosts.allow (and hosts.deny)file can be found in hosts_access manual. The manual contains all information you need to configure the hosts.allow file.
Here is a default Ubuntu hosts.allow file:
luzar@ubuntu:~$ cat /etc/hosts.allow
# /etc/hosts.allow: list of hosts that are allowed to access the system.
# See the manual pages hosts_access(5) and hosts_options(5).
#
# Example: ALL: LOCAL @some_netgroup
# ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
#
# If you're going to protect the portmapper use the name "portmap" for the
# daemon name. Remember that you can only use the keyword "ALL" and IP
# addresses (NOT host or domain names) for the portmapper, as well as for
# rpc.mountd (the NFS mount daemon). See portmap(8) and rpc.mountd(8)
# for further information.
#
Example of Ubuntu hosts.allow configurations:
Mostly Closed
ALL: LOCAL @some_netgroup
ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
Booby trap
in.tftpd: LOCAL, .my.domain
That's all.
