From owner-freebsd-questions Wed Jan 26 5:11:15 2000 Delivered-To: freebsd-questions@freebsd.org Received: from tetron02.tetronsoftware.com (ftp.tetronsoftware.com [208.236.46.106]) by hub.freebsd.org (Postfix) with ESMTP id 116BD15124 for ; Wed, 26 Jan 2000 05:11:12 -0800 (PST) (envelope-from zeus@tetronsoftware.com) Received: from tetron02.tetronsoftware.com (tetron02.tetronsoftware.com [208.236.46.106]) by tetron02.tetronsoftware.com (8.9.3/8.9.3) with ESMTP id HAA03050; Wed, 26 Jan 2000 07:14:47 -0600 (CST) (envelope-from zeus@tetronsoftware.com) Date: Wed, 26 Jan 2000 07:14:47 -0600 (CST) From: Gene Harris To: Jim Pazarena Cc: freebsd-questions@FreeBSD.ORG Subject: Re: inetd with wrappers built-in In-Reply-To: <10001252220.aa12531@ccstores.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG You can recompile with the wrappers patch attached. However, in FreeBSD, most of the daemons you are interested in are built with wrappers, a functionality not found in the Linux implementations. For instance, inetd in 3.3 and later is wrappers ready and you do not even need to refer to the tcpd daemon. As for host.deny, this file is not longer used in 3.3 and later. If you have installed the tcp_wrappers port in 3.4, you should remove the port and use the built in functionality. *==============================================* *Gene Harris http://www.tetronsoftware.com* *FreeBSD Novice * *All ORBS.org SMTP connections are denied! * *==============================================* On Tue, 25 Jan 2000, Jim Pazarena wrote: > To answer my own question: > > The wrappers which is built in to inetd on 3.4 does NOT have the blacklist > patch (which was supplied by Wietse Venema the creator of wrappers). > > This makes the utilization of wrappers within inetd less than ideal. > Can anyone confirm if this patch will be applied in any future version > of FreeBSD? 3.5 perhaps? > > ----------------------------------- > > From: Jim Pazarena > To: freebsd-questions@freebsd.org > Date: Mon, 24 Jan 2000 14:38:02 -0800 (PST) > > >Subject: Re: inetd with wrappers built-in > >Date: Mon, 24 Jan 2000 21:01:38 +0000 > >From: George Cox > > >On 24/01 10:02, Jim Pazarena wrote: > > >> Can anyone confirm yay/nay if the wrappers which is built-in > >> to the inetd on 3.4 has the blacklist patch compiled into it? > > >You sound like you mean the RBL "Real-time blackhole list" spam filter. > >Any filtering inetd does is based on the IP address of the connecting host. > >It is up to an application level process to filter content. > > > No. Not the RBL. tcp-wrappers has a patch which when applied permits > you to reference a FILE NAME in place of an machine address/name. > Therefore in a hosts.deny you can enter (for example) > > pop : /etc/hosts.fylname : DENY > > and the file "/etc/hosts.fylname" will be treated as a continuous list > of IP's. > > This makes adding an IP to the wrappers rejection list _very_ easy. > FreeBSD 3.3 still did not have this wrappers patch applied, and therefore > I could not utilize this feature of wrappers. > > > > -- > Jim Pazarena mailto:paz@ccstores.com > http://www.qcislands.net/paz > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message