Date: Fri, 4 Jul 2003 19:05:35 -0500 From: "Scot W. Hetzel" <hetzels@westbend.net> To: "Vincent Poy" <vince@oahu.WURLDLINK.NET>, <current@freebsd.org>, <markm@freebsd.org> Subject: Re: src/libexec/tcpd doesn't work correctly with -DPROCESS_OPTIONS Message-ID: <00b001c34289$2968e980$11fd2fd8@westbend.net> References: <20030702150751.F3146-100000@oahu.WURLDLINK.NET>
next in thread | previous in thread | raw e-mail | index | archive | help
From: "Vincent Poy" <vince@oahu.WURLDLINK.NET> > In -CURRENT, /usr/src/libexec/tcpd, the Makefile doesn't have > -DPROCESS_OPTIONS needed which in hosts_access(5) manpage, allows things > such as banners for the tcp_wrappers to be working. > > So in the /usr/src/libexec/tcpd/Makefile, I added > -DPROCESS_OPTIONS > > CFLAGS+=-DREAL_DAEMON_DIR=\"/usr/libexec\" \ > -DSEVERITY=LOG_INFO -DRFC931_TIMEOUT=10 \ > -DHOSTS_DENY=\"/etc/hosts.deny\" > -DHOSTS_ALLOW=\"/etc/hosts.allow\" \ > -DFACILITY=LOG_DAEMON \ > -DPROCESS_OPTIONS > > However, the -DPROCESS_OPTIONS seems to have no effect after I > replaced the tcpd and restarted inetd. When one telnets, it just goes > to telnetd directly without going through the banners even though it > denies access to those not defined in /etc/hosts.allow: > You only enabled 1/3 of the source to use PROCESS_OPTIONS, you also need to add the option to libwrap (lib/libwrap) and tcpdchk (src/usr.sbin/tcpdchk). Scot
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00b001c34289$2968e980$11fd2fd8>