Date: Sat, 5 Jul 2003 14:22:48 -0500 From: "Scot W. Hetzel" <hetzels@westbend.net> To: "Vincent Poy" <vince@oahu.WURLDLINK.NET> Cc: current@freebsd.org Subject: Re: src/libexec/tcpd doesn't work correctly with -DPROCESS_OPTIONS Message-ID: <001801c3432a$d5a23250$11fd2fd8@westbend.net> References: <20030704173607.S3146-100000@oahu.WURLDLINK.NET>
next in thread | previous in thread | raw e-mail | index | archive | help
From: "Vincent Poy" <vince@oahu.WURLDLINK.NET>
> Any ideas?
>
>
According to the inetd man page:
TCP Wrappers
When given the -w option, inetd will wrap all services specified as
``stream nowait'' or ``dgram'' except for ``internal'' services. If
the
-W option is given, such ``internal'' services will be wrapped. If
both
options are given, wrapping for both internal and external services
will
be enabled. Either wrapping option will cause failed connections to be
logged to the ``auth'' syslog facility. Adding the -l flag to the
wrap-
ping options will include successful connections in the logging to the
``auth'' facility.
:
When wrapping is enabled, the tcpd daemon is not required, as that
func-
tionality is builtin. .....
Also, /etc/defaults/rc.conf shows that inetd_flags has both '-w' and '-W'
flags set. If you are using the default flags to inetd, then you don't need
to use tcpd to wrap your telnetd session.
Did you change your inetd_flags?
I just tested the bultin tcp_wrappers in inetd, and had no problem with
adding a banner to my ftpd and telnetd daemons without using the tcpd
daemon. But, when I changed the service to:
ftp stream tcp nowait root /usr/libexec/tcpd ftpd -l
and then killed -HUP the inetd process, the inetd process wanted the banner
file to be called 'tcpd' instead of 'ftpd'.
I also killed inetd, and started it with no flags. But when I connected to
the ftpd process, tcpd didn't display the banner (both tcpd and ftpd banner
files were installed into the banner directory).
So it looks like tcpd is broken when it comes to displaying banners.
I suggest you use inetd's builtin TCP Wrappers support, and forget using
tcpd.
Scot
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001801c3432a$d5a23250$11fd2fd8>