Date: Tue, 25 Jan 2000 22:20:38 -0800 (PST) From: Jim Pazarena <paz@ccstores.com> To: freebsd-questions@freebsd.org Subject: Re: inetd with wrappers built-in Message-ID: <10001252220.aa12531@ccstores.com>
index | next in thread | raw e-mail
To answer my own question:
The wrappers which is built in to inetd on 3.4 does NOT have the blacklist
patch (which was supplied by Wietse Venema the creator of wrappers).
This makes the utilization of wrappers within inetd less than ideal.
Can anyone confirm if this patch will be applied in any future version
of FreeBSD? 3.5 perhaps?
-----------------------------------
From: Jim Pazarena <paz@ccstores.com>
To: freebsd-questions@freebsd.org
Date: Mon, 24 Jan 2000 14:38:02 -0800 (PST)
>Subject: Re: inetd with wrappers built-in
>Date: Mon, 24 Jan 2000 21:01:38 +0000
>From: George Cox <gjvc@extremis.demon.co.uk>
>On 24/01 10:02, Jim Pazarena wrote:
>> Can anyone confirm yay/nay if the wrappers which is built-in
>> to the inetd on 3.4 has the blacklist patch compiled into it?
>You sound like you mean the RBL "Real-time blackhole list" spam filter.
>Any filtering inetd does is based on the IP address of the connecting host.
>It is up to an application level process to filter content.
No. Not the RBL. tcp-wrappers has a patch which when applied permits
you to reference a FILE NAME in place of an machine address/name.
Therefore in a hosts.deny you can enter (for example)
pop : /etc/hosts.fylname : DENY
and the file "/etc/hosts.fylname" will be treated as a continuous list
of IP's.
This makes adding an IP to the wrappers rejection list _very_ easy.
FreeBSD 3.3 still did not have this wrappers patch applied, and therefore
I could not utilize this feature of wrappers.
--
Jim Pazarena mailto:paz@ccstores.com
http://www.qcislands.net/paz
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?10001252220.aa12531>