[ale] Red Hat 7.1 TCP-Wrapper (/usr/sbin/tcpd) Problems

Tyler Owen owentl at yahoo.com
Sun Jun 24 20:57:28 EDT 2001


a shortcut in RedHat for adding config files into the
/etc/xinetd.d/* files is to use chkconfig.  This is an
easy way to add and remove services to xinetd.

Probably not what you are looking for, but hey I
thought it was cool when I learned it :-) 



--- Chris Ricker <kaboom at gatech.edu> wrote:
> On Thu, 21 Jun 2001, VISH,GEORGE (HP-USA,ex1) wrote:
> 
> >
> > 	Does anyone know how to properly configure tcpd
> to integrate
> > 	into the new /etc/xinetd.d/* configuration
> files???  The man
> > 	page for tcpd references older examples from
> RH6.2 using
> > 	inetd.conf?!?
> >
> > 	I tried this in /etc/xinetd.d/telnet:
> >
> > 	service telnet
> > 	{
> >        flags           = REUSE
> >        socket_type     = stream
> >        wait            = no
> >        user            = root
> >        server          = /usr/sbin/tcpd		#<---
> Modified This
> >        server_args     = /usr/sbin/in.telnetd
> #<--- Added This
> >        log_on_failure  += USERID
> >        disable         = no
> > 	}
> 
> don't do that.  xinetd is compiled against libwrap,
> so you don't have to
> make any changes to the config files to get it to
> read hosts.allow and
> hosts.deny
> 
> note that xinetd also has built-in internal support
> for host checking
> similar to what tcp wrappers provides, so you can
> either do (example for
> telnet) something like:
> 
> service telnet
> {
>         disable = no
>         flags           = REUSE
>         socket_type     = stream
>         wait            = no
>         user            = root
>         server          = /usr/sbin/in.telnetd
>         log_on_failure  += USERID
> }
> 
> and then put the appropriate hosts in
> /etc/hosts.[allow deny] for the
> /usr/sbin/in.telnetd service, or you could do it
> directly in xinetd by
> 
> service telnet
> {
>         disable = no
>         flags           = REUSE
>         socket_type     = stream
>         wait            = no
>         user            = root
>         server          = /usr/sbin/in.telnetd
>         log_on_failure  += USERID
> 	only_from	= good.guy.com
> 	no_access	= bad.cracker.com
> }
> 
> 
> later,
> chris
> 
> -- 
> Chris Ricker                                        
>       kaboom at gatech.edu
>                                              
> chris.ricker at genetics.utah.edu
> 
> --
> To unsubscribe: mail majordomo at ale.org with
> "unsubscribe ale" in message body.


__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail
http://personal.mail.yahoo.com/
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.





More information about the Ale mailing list