The tcpd program can be set up to monitor incoming requests for
tcp_wrappers-7.6: description + notes
telnet,finger,ftp,exec,rsh,rlogin,tftp,talk,comsatand other services that have a one-to-one mapping onto executable files.Operation is as follows: whenever a request for service arrives, the
inetddaemon is tricked into running the tcpd program instead of the normal server. tcpd logs the request and does some additional checks. When all is well, tcpd runs the appropriate server program and goes away.Optional features include pattern-based access control, client username lookups with the RFC 931 protocol, protection against hosts that pretend to have someone else's host name, and protection against hosts that pretend to have someone else's network address.
Utilities (tcpdchk and tcpdmatch) are included to aid writing of
/etc/hosts.allowand/etc/hosts.denyfiles. tcpdmatch does not understand '?' syntax in/etc/inet.conf, so it may generate spurious warnings noting that optional servers were not found.Note: Installing this package does not automatically wrap any daemons. These binaries are compiled for "easy" installation, as described byEXAMPLE 1in "man tcpd". The real server programs should be moved into a newly created directory named/usr/etc/...(that's three dots -- really!), and replaced by copies of tcpd. While this makes installation easier, it makes upgrading your operating system slightly harder, as the wrappers may need to be re-installed afterwards. Support for the extended access control language described by "man hosts_options" is enabled.
To auto-install this package, go back and click on the respective install icon.