Date: Wed, 7 May 2003 10:36:33 -0500 From: Dan Nelson <dnelson@allantgroup.com> To: "Michael K. Smith" <mksmith@noanet.net> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Where is tcpd? Message-ID: <20030507153632.GJ63345@dan.emsphone.com> In-Reply-To: <BADE73F7.104EC%mksmith@noanet.net> References: <BADE73F7.104EC%mksmith@noanet.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In the last episode (May 07), Michael K. Smith said:
> I would like to use TCP Wrappers for ssh connections to a box, and
> all of the literature regarding the inetd.conf configuration
> references /usr/sbin/tcpd. I have been unable to find tcpd anywhere
> on the system. Is there another way to reference the required files
> in inetd.conf?
Hm? This is the only place tcpd is mentioned in the inetc.conf
manpage, and I think it answers your question pretty well.
IMPLEMENTATION NOTES
TCP Wrappers
When given the -w option, inetd will wrap all services specified
as ``stream nowait'' or ``dgram'' except for ``internal''
services. If the -W option is given, such ``internal'' services
will be wrapped. If both options are given, wrapping for both
internal and external services will be enabled. Either wrapping
option will cause failed connections to be logged to the ``auth''
syslog facility. Adding the -l flag to the wrapping options will
include successful connections in the logging to the ``auth''
facility.
Note that inetd only wraps requests for a ``wait'' service while
no servers are available to service requests. Once a connection
to such a service has been allowed, inetd has no control over
subsequent connec- tions to the service until no more servers are
left listening for connec- tion requests.
When wrapping is enabled, the tcpd daemon is not required, as that
functionality is builtin. For more information on TCP Wrappers,
see the relevant documentation (hosts_access(5)). When reading
that document, keep in mind that ``internal'' services have no
associated daemon name. Therefore, the service name as specified
in inetd.conf should be used as the daemon name for ``internal''
services.
--
Dan Nelson
dnelson@allantgroup.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030507153632.GJ63345>