Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 27 Jun 1999 12:35:21 -1000
From:      "Art Neilson, KH7PZ" <art@hawaii.rr.com>
To:        freebsd-questions@FreeBSD.ORG
Subject:   tcp_wrappers
Message-ID:  <3.0.6.32.19990627123521.008794d0@clients1.hawaii.rr.com>
next in thread | raw e-mail | index | archive | help 
I noticed the release notes for FreeBSD 3.2 state tcp_wrappers is now
part of the system.  If this is the case, where is tcpd ???  I installed
the full set of stuff and no tcpd is found.  Does it just mean the network
daemons are compiled with tcp_wrappers?  I installed the tcp_wrappers port
and it seems to work fine, it's blocking access per hosts.allow rules
however I can't seem to get it to log the activity.  Looks like it defaults
to auth.info severity in the ALL: ALL: rule at the bottom of the canned
hosts.allow.  I added a syslog line to capture these messages, it looks like

#       $Id: syslog.conf,v 1.9 1998/10/14 21:59:55 nate Exp $
#
#       Spaces are NOT valid field separators in this file.
#       Consult the syslog.conf(5) manpage.
*.err;kern.debug;auth.notice;mail.crit          /dev/console
*.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages
mail.info                                       /var/log/maillog
lpr.info                                        /var/log/lpd-errs
auth.info                                       /var/log/security.log
ntp.*                                           /var/log/xntpd.log
cron.*                                          /var/cron/log
*.err                                           root
*.notice;news.err                               root
*.alert                                         root
*.emerg                                         *
# uncomment these if you're running inn
# news.crit                                     /var/log/news/news.crit
# news.err                                      /var/log/news/news.err
# news.notice                                   /var/log/news/news.notice
!dhclient
*.*                                             /var/log/dhclient.log
!startslip
*.*                                             /var/log/slip.log
!ppp
*.*                                             /var/log/ppp.log

What am I doing wrong???  security.log does not get updated when I block
access 
intentionally to a machine in my internal network and test the access to
insure
tcp_wrappers is working.  I do get a deny message to a terminal I am
testing from
i.e. I attempt a telnet session and tcpd looks up the rules and denies just
fine
I am just not getting the log....



   __
  /  )    _/_  It is a capital mistake to theorise before one has data.
 /--/ __  /    Insensibly one begins to twist facts to suit theories,
/  (_/ (_<__   Instead of theories to suit facts.
                     -- Sherlock Holmes, "A Scandal in Bohemia"
Arthur W. Neilson III, KH7PZ
Bank of Hawaii Tech Support
art@hawaii.rr.com



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.6.32.19990627123521.008794d0>