Date: Tue, 26 Jan 1999 11:34:24 -0800 (PST) From: Steve Kargl <sgk@troutmask.apl.washington.edu> To: dillon@apollo.backplane.com (Matthew Dillon) Cc: mark@grondar.za, phk@critter.freebsd.dk, andreas@klemm.gtn.com, nate@mt.sri.com, cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG Subject: Re: Small, useful tools (Was: Re: 'cpdup' program, and question) Message-ID: <199901261934.LAA06455@troutmask.apl.washington.edu> In-Reply-To: <199901261922.LAA20798@apollo.backplane.com> from Matthew Dillon at "Jan 26, 1999 11:22:21 am"
next in thread | previous in thread | raw e-mail | index | archive | help
Matthew Dillon wrote:
> I have never personally liked using tcp-wrappers. BEST doesn't use it
> at all, and for good reason: (A) there usually isn't enough stuff worth
> wrapping, and (B) any machine loaded enough to be a target for repeated
> spamming, attacks, etc.... is also loaded enough that tcp-wrappers
> represents too large a burden. (C) ipfw works well enough for what
> I care about.
>
> I don't mind tcp-wrappers being included with the system, but I will
> fight tooth and nail if someone actually tries to make tcp-wrappers
> a run-time element of the standard FreeBSD distribution.
>
In rc.conf,
tcp_wrapper="YES"
inetd_enable="YES" # Run the network daemon dispatcher (or NO).
inetd_conf="/etc/inetd.wrapped.conf"
inetd_flags="" # Optional flags to inetd.
In rc,
if [ "X${inetd_enable}" != X"NO" ]; then
if [ "X${tcp_wrapper}" != X"YES" ]; then
echo -n ' inetd'; inetd ${inetd_flags} ${inetd_conf}
else
echo -n ' inetd'; inetd ${inetd_flags}
fi
fi
--
Steve
finger kargl@troutmask.apl.washington.edu
http://troutmask.apl.washington.edu/~clesceri/kargl.html
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199901261934.LAA06455>