From owner-freebsd-bugs Wed Jan 24 12:40:22 2001 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id CB3EF37B400 for ; Wed, 24 Jan 2001 12:40:03 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.1/8.11.1) id f0OKe3N89356; Wed, 24 Jan 2001 12:40:03 -0800 (PST) (envelope-from gnats) Date: Wed, 24 Jan 2001 12:40:03 -0800 (PST) Message-Id: <200101242040.f0OKe3N89356@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org Cc: From: Andre Albsmeier Subject: Re: bin/24610: [PATCH] make inetd log hostnames when specifying -l twice Reply-To: Andre Albsmeier Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org The following reply was made to PR bin/24610; it has been noted by GNATS. From: Andre Albsmeier To: David Malone Cc: Andre Albsmeier , FreeBSD-gnats-submit@freebsd.org Subject: Re: bin/24610: [PATCH] make inetd log hostnames when specifying -l twice Date: Wed, 24 Jan 2001 21:34:39 +0100 On Wed, 24-Jan-2001 at 19:11:43 +0000, David Malone wrote: > On Wed, Jan 24, 2001 at 04:20:17PM +0100, Andre Albsmeier wrote: > > > >Description: > > > > When specifying -l inetd logs the IP address of succesful connections. > > With this patch, the hostname is logged instead of the IP address > > when -l is specified twice. > > I didn't want to do this because it means looking up a hostname in > inetd before forking - this can block for some time, which would > prevent inetd from starting any more services. Sure, that's why I mentioned it in the man page (maybe this needs more clarification). However, on nets isolated behind firewalls where only certain hosts can connect to inetd at all and where fast DNS lookups are normal it might be quite useful. And the feature has to be turned on explicitely by specifying -l twice. > > You can already look up host names and log them by turning on > wrappers with -Ww. If you don't want to do restrict the services > available then you can do something like: > > ALL: UNKNOWN : severity local0.info : allow > ALL: ALL : severity local0.info : allow > > The "UNKNOWN" should force tcpd to look up the host name - otherwise > it won't bother. > > David. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message