From owner-freebsd-questions  Tue Jan 25 22:31:28 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from mail.qcislands.net (mail.qcislands.net [209.53.238.6])
	by hub.freebsd.org (Postfix) with ESMTP id 2235214CD3
	for <freebsd-questions@freebsd.org>; Tue, 25 Jan 2000 22:31:25 -0800 (PST)
	(envelope-from ccstore@qcislands.net)
Received: from [209.53.238.8] (helo=wwwa.qcislands.net)
	by mail.qcislands.net with esmtp (Exim 3.036 #1)
	id 12DLzA-000BDj-00
	for freebsd-questions@freebsd.org; Tue, 25 Jan 2000 22:31:24 -0800
Received: from ccstore by wwwa.qcislands.net with local (Exim 3.01 #3)
	id 12DLzA-0001PS-00
	for freebsd-questions@freebsd.org; Wed, 26 Jan 2000 06:31:24 +0000
From: Jim Pazarena <paz@ccstores.com>
To: freebsd-questions@freebsd.org
Subject: Re: inetd with wrappers built-in
X-Mailer: SCO Shell
Date: Tue, 25 Jan 2000 22:20:38 -0800 (PST)
Message-ID:  <10001252220.aa12531@ccstores.com>
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

To answer my own question:

The wrappers which is built in to inetd on 3.4 does NOT have the blacklist
patch (which was supplied by Wietse Venema the creator of wrappers).

This makes the utilization of wrappers within inetd less than ideal.
Can anyone confirm if this patch will be applied in any future version
of FreeBSD? 3.5 perhaps?

-----------------------------------

From: Jim Pazarena <paz@ccstores.com>
To: freebsd-questions@freebsd.org
Date: Mon, 24 Jan 2000 14:38:02 -0800 (PST)

 >Subject: Re: inetd with wrappers built-in
 >Date: Mon, 24 Jan 2000 21:01:38 +0000
 >From: George Cox <gjvc@extremis.demon.co.uk>

 >On 24/01 10:02, Jim Pazarena wrote:

 >> Can anyone confirm yay/nay if the wrappers which is built-in
 >> to the inetd on 3.4 has the blacklist patch compiled into it?

 >You sound like you mean the RBL "Real-time blackhole list" spam filter.
 >Any filtering inetd does is based on the IP address of the connecting host.
 >It is up to an application level process to filter content.


No. Not the RBL. tcp-wrappers has a patch which when applied permits
you to reference a FILE NAME in place of an machine address/name.
Therefore in a hosts.deny you can enter (for example)

pop : /etc/hosts.fylname : DENY

and the file "/etc/hosts.fylname" will be treated as a continuous list
of IP's.

This makes adding an IP to the wrappers rejection list _very_ easy.
FreeBSD 3.3 still did not have this wrappers patch applied, and therefore
I could not utilize this feature of wrappers.


                                                                                
--
Jim Pazarena     mailto:paz@ccstores.com 
                 http://www.qcislands.net/paz
 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message