From owner-freebsd-questions Sun Jun 27 15:35:36 1999 Delivered-To: freebsd-questions@freebsd.org Received: from smtp3.hawaii.rr.com (smtp3.hawaii.rr.com [204.210.97.13]) by hub.freebsd.org (Postfix) with ESMTP id AD20514D31 for ; Sun, 27 Jun 1999 15:35:33 -0700 (PDT) (envelope-from art@hawaii.rr.com) Received: from taz - 24.94.75.210 by smtp3.hawaii.rr.com with Microsoft SMTPSVC(5.5.1774.114.11); Sun, 27 Jun 1999 12:25:00 -1000 Message-Id: <3.0.6.32.19990627123521.008794d0@clients1.hawaii.rr.com> X-Sender: art@clients1.hawaii.rr.com X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.6 (32) Date: Sun, 27 Jun 1999 12:35:21 -1000 To: freebsd-questions@FreeBSD.ORG From: "Art Neilson, KH7PZ" Subject: tcp_wrappers Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I noticed the release notes for FreeBSD 3.2 state tcp_wrappers is now part of the system. If this is the case, where is tcpd ??? I installed the full set of stuff and no tcpd is found. Does it just mean the network daemons are compiled with tcp_wrappers? I installed the tcp_wrappers port and it seems to work fine, it's blocking access per hosts.allow rules however I can't seem to get it to log the activity. Looks like it defaults to auth.info severity in the ALL: ALL: rule at the bottom of the canned hosts.allow. I added a syslog line to capture these messages, it looks like # $Id: syslog.conf,v 1.9 1998/10/14 21:59:55 nate Exp $ # # Spaces are NOT valid field separators in this file. # Consult the syslog.conf(5) manpage. *.err;kern.debug;auth.notice;mail.crit /dev/console *.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages mail.info /var/log/maillog lpr.info /var/log/lpd-errs auth.info /var/log/security.log ntp.* /var/log/xntpd.log cron.* /var/cron/log *.err root *.notice;news.err root *.alert root *.emerg * # uncomment these if you're running inn # news.crit /var/log/news/news.crit # news.err /var/log/news/news.err # news.notice /var/log/news/news.notice !dhclient *.* /var/log/dhclient.log !startslip *.* /var/log/slip.log !ppp *.* /var/log/ppp.log What am I doing wrong??? security.log does not get updated when I block access intentionally to a machine in my internal network and test the access to insure tcp_wrappers is working. I do get a deny message to a terminal I am testing from i.e. I attempt a telnet session and tcpd looks up the rules and denies just fine I am just not getting the log.... __ / ) _/_ It is a capital mistake to theorise before one has data. /--/ __ / Insensibly one begins to twist facts to suit theories, / (_/ (_<__ Instead of theories to suit facts. -- Sherlock Holmes, "A Scandal in Bohemia" Arthur W. Neilson III, KH7PZ Bank of Hawaii Tech Support art@hawaii.rr.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message