Date: Tue, 8 Jun 1999 04:50:01 -0700 (PDT) From: David Malone <dwmalone@maths.tcd.ie> To: freebsd-bugs@FreeBSD.org Subject: Re: bin/11960: inetd built in wrapping doesn't log like tcpd does. Message-ID: <199906081150.EAA33626@freefall.freebsd.org>
index | next in thread | raw e-mail
The following reply was made to PR bin/11960; it has been noted by GNATS.
From: David Malone <dwmalone@maths.tcd.ie>
To: Sheldon Hearn <sheldonh@uunet.co.za>
Cc: freebsd-gnats-submit@freebsd.org
Subject: Re: bin/11960: inetd built in wrapping doesn't log like tcpd does.
Date: Tue, 08 Jun 1999 12:44:50 +0100
> On Tue, 08 Jun 1999 12:26:45 +0100, David Malone wrote:
>
> > contrib/tcp_wrappers/options.c about line 550. This actually means we
> > should be reseting allow_severity and deny_severity before each call
> > to hosts_access()?
>
> So you wanna work on that? I foresee 6 lines of code. :-)
How does the following look? It also includes the removal of the if(){}
from around the syslog for allows.
David.
--- inetd.c.orig Tue Jun 8 12:34:30 1999
+++ inetd.c Tue Jun 8 12:41:14 1999
@@ -629,6 +629,8 @@
sep->se_server_name : sep->se_service,
RQ_FILE, ctrl, NULL);
fromhost(&req);
+ deny_severity = LIBWRAP_DENY_FACILITY|LIBWRAP_DENY_SEVERITY;
+ allow_severity = LIBWRAP_ALLOW_FACILITY|LIBWRAP_ALLOW_SEVERITY;
denied = !hosts_access(&req);
if (denied || log) {
sp = getservbyport(sep->se_ctrladdr.sin_port, sep->se_proto);
@@ -645,11 +647,9 @@
eval_client(&req), service, sep->se_proto);
goto reject;
}
- if (log) {
- syslog(allow_severity,
- "connection from %.500s, service %s (%s)",
- eval_client(&req), service, sep->se_proto);
- }
+ syslog(allow_severity,
+ "connection from %.500s, service %s (%s)",
+ eval_client(&req), service, sep->se_proto);
}
#endif /* LIBWRAP */
if (sep->se_bi) {
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
home |
help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199906081150.EAA33626>