From owner-freebsd-current@FreeBSD.ORG  Fri Jul  4 17:00:48 2003
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 922F437B401; Fri,  4 Jul 2003 17:00:48 -0700 (PDT)
Received: from mail.westbend.net (ns1.westbend.net [216.47.253.3])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id AE5F943FE1; Fri,  4 Jul 2003 17:00:47 -0700 (PDT)
	(envelope-from hetzels@westbend.net)
Received: from ADMIN00 (admin00.westbend.net [216.47.253.17])
	by mail.westbend.net (8.12.9/8.12.9) with SMTP id h6500iHZ040985;
	Fri, 4 Jul 2003 19:00:44 -0500 (CDT)
	(envelope-from hetzels@westbend.net)
Message-ID: <00b001c34289$2968e980$11fd2fd8@westbend.net>
From: "Scot W. Hetzel" <hetzels@westbend.net>
To: "Vincent Poy" <vince@oahu.WURLDLINK.NET>, <current@freebsd.org>,
	<markm@freebsd.org>
References: <20030702150751.F3146-100000@oahu.WURLDLINK.NET>
Date: Fri, 4 Jul 2003 19:05:35 -0500
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
X-Virus-Scanned: by amavisd-milter (http://amavis.org/)
X-Spam-Status: No, hits=1.0 required=8.0
	tests=QUOTED_EMAIL_TEXT,REFERENCES,SPAM_PHRASE_00_01,
	      UPPERCASE_25_50,USER_AGENT_OE
	version=2.43
X-Spam-Level: *
Subject: Re: src/libexec/tcpd doesn't work correctly with -DPROCESS_OPTIONS
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Jul 2003 00:00:48 -0000

From: "Vincent Poy" <vince@oahu.WURLDLINK.NET>
> In -CURRENT, /usr/src/libexec/tcpd, the Makefile doesn't have
> -DPROCESS_OPTIONS needed which in hosts_access(5) manpage, allows things
> such as banners for the tcp_wrappers to be working.
>

> So in the /usr/src/libexec/tcpd/Makefile, I added
> -DPROCESS_OPTIONS
>
> CFLAGS+=-DREAL_DAEMON_DIR=\"/usr/libexec\" \
>         -DSEVERITY=LOG_INFO -DRFC931_TIMEOUT=10 \
>         -DHOSTS_DENY=\"/etc/hosts.deny\"
>         -DHOSTS_ALLOW=\"/etc/hosts.allow\" \
>         -DFACILITY=LOG_DAEMON \
>         -DPROCESS_OPTIONS
>
> However, the -DPROCESS_OPTIONS seems to have no effect after I
> replaced the tcpd and restarted inetd.   When one telnets, it just goes
> to telnetd directly without going through the banners even though it
> denies access to those not defined in /etc/hosts.allow:
>
You only enabled 1/3 of the source to use PROCESS_OPTIONS, you also need to
add the option to libwrap (lib/libwrap) and tcpdchk (src/usr.sbin/tcpdchk).

Scot