[techtalk] xinetd and tcp_wrappers
Paul Hardacre
paul.hardacre at btinternet.com
Thu Jun 14 16:22:41 EST 2001
At 16:08 14/06/2001, Martin.Caitlyn at epamail.epa.gov wrote:
>Does anyone have any experience using tcp_wrappers in conjunction with
>xinetd, as opposed to inetd. The tcp_wrappers man page that came with Red
>Hat 7.1 still refers to the inetd.conf file, but, of course, that no longer
>exists. Is there any reason I can't invoke tcpd and refer to the service
>to be run in the various configuration files in /etc/xinetd.d the same way
>I did in the old /etc/inetd.conf file? Are there any issues I should be
>aware of?
I don't know if it has been compiled against libwrap in RH7.1. I use RH7.1
here on my test box on my desk. I personally haven't bothered much with
tcpwrappers/access control, etc cos the box is on my desk and not connected
to the internet, only accessible to me and anyone on our internal network.
I did look at the FAQ the other day for another reason (setting up a CVS
pserver) and noticed something about wrappers. Here's what it has to say:
Q. Does xinetd support libwrap (tcpwrappers)?
A. Yes. xinetd can be compiled with libwrap support by passing
--with-libwrap as an option to the configure script. When xinetd is
compiled with libwrap support, all services can use the /etc/host.allow and
/etc/host.deny access control. xinetd can also be configured to use tcpd in
the traditional inetd style. This requires the use of the NAMEINARGS flag,
and the name of the real daemon be passed in as server_args. Here is an
example for using telnet with tcpd:
service telnet
{
flags = REUSE NAMEINARGS
protocol = tcp
socket_type = stream
wait = no
user = telnetd
server = /usr/sbin/tcpd
server_args = /usr/sbin/in.telnetd
}
Hope that helps..
Paul
More information about the Techtalk
mailing list