Usenet 1993 July

home *** CD-ROM | disk | FTP | other *** search

/ Usenet 1993 July / InfoMagic USENET CD-ROM July 1993.ISO / sources / misc / volume23 / log_tcp / part01 next >

Wrap

Text File | 1991-10-19 | 52.3 KB | 1,618 lines

Newsgroups: comp.sources.misc From: wietse@wzv.win.tue.nl (Wietse Venema) Subject: v23i077: log_tcp - Package to monitor TCP/UDP connections, Part01/01 Message-ID: <1991Oct19.025711.14716@sparky.imd.sterling.com> X-Md4-Signature: d79ef38346de3a9405025bac38985df4 Date: Sat, 19 Oct 1991 02:57:11 GMT Approved: kent@sparky.imd.sterling.com Submitted-by: wietse@wzv.win.tue.nl (Wietse Venema) Posting-number: Volume 23, Issue 77 Archive-name: log_tcp/part01 Environment: UNIX Supersedes: log_tcp: Volume 20, Issue 8 This package provides a couple of tiny programs that log requests for internet services (examples: TFTP, EXEC, FTP, RSH, TELNET, RLOGIN, FINGER, SYSTAT). Optional features are: access control based on pattern matching, and protection against rsh and rlogin attacks from hosts that pretend to have someone elses host name. The programs are nothing but small network daemon front ends. By default, they just log the remote host name and then invoke the real network daemon daemon, without requiring any changes to existing software or configuration files. Enhancements over the previous release are: support for datagram (UDP and RPC) services, and execution of shell commands when a (remote host, requested service) pair matches a pattern in the access control tables. Wietse Venema (wietse@wzv.win.tue.nl), Eindhoven University of Technology, The Netherlands. --- #! /bin/sh # This is a shell archive. Remove anything before this line, then feed it # into a shell via "sh file" or similar. To overwrite existing files, # type "sh file -c". # The tool that generated this appeared in the comp.sources.unix newsgroup; # send mail to comp-sources-unix@uunet.uu.net if you want that tool. # Contents: README BLURB Makefile fromhost.c hosts_access.5 # hosts_access.c log_tcp.h miscd.c refuse.c shell_cmd.c strcasecmp.c # tcpd.c try.c # Wrapped by kent@sparky on Wed Oct 16 23:03:11 1991 PATH=/bin:/usr/bin:/usr/ucb ; export PATH echo If this archive is complete, you will see the following message: echo ' "shar: End of archive 1 (of 1)."' if test -f 'README' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'README'\" else echo shar: Extracting \"'README'\" $8024 characters$ sed "s/^X//" >'README' <<'END_OF_FILE' X@(#) README 1.6 91/10/04 21:28:09 X XGeneral description X------------------- X XWith this package you can monitor connections to the SYSTAT, FINGER, XFTP, TELNET, RLOGIN, RSH, EXEC, TFTP, old and new TALK, and other IP Xnetwork services. Connections are reported through the syslog daemon. XRequirements are that network daemons are started by the inetd program Xor something similar, and the availability of a syslog(3) library. X XThe programs are tiny front ends. By default, they just report the name Xof the remote host and of the requested service, and then invoke the Xreal network daemon; no information is exchanged with the remote client Xprocess. In the most common case, no changes should be required to Xexisting software or to existing configuration files. Just move the Xvendor-provided daemons to another place and install the front ends Xinto their original places. Installation details are given below. X XEarly versions of the programs were tested with Ultrix >= 2.2, with XSunOS >= 3.4 and ISC 2.2. Later versions have been installed on a wide Xvariety of platforms (BSD-style, SYSV-style, Apollo's idea of UNIX). X XThe present release was tested with SunOS 4.1.1, Ultrix 4.1 and Apollo XSR10.3.5, but it should still run without modification on top of most XBSD-style TCP/IP implementations. X XRestriction X----------- X XSome UDP (and RPC) daemons linger around for a while after they have Xfinished their work, just in case another request comes in. Only the Xrequest that started such a daemon will be logged. This restriction Xdoes normally not apply to connection-oriented (TCP) services. X XAccess control X-------------- X XWhen compiled with -DHOSTS_ACCESS, the front-end programs support a Xsimple form of access control that is based on pattern matching. The Xaccess-control software provides hooks for the execution of shell Xcommands when a pattern fires. For details, see the hosts_access(5) Xmanual page. X XDetection of hosts that pretend to have someone elses host name X--------------------------------------------------------------- X XAuthentication based on host names, such as used by RLOGIN and RSH, Xused to work quite reliably when all host name lookups were done from Xthe local /etc/hosts file or its equivalent. X XWith _distributed_ name services, authentication schemes that rely on Xhost names can be subverted by playing games with the address->name Xmaps that are maintained by some far-away name server. Many rshd and Xrlogind implementations still blindly believe the remote host name that Xthey get from gethostbyaddr() and don't bother to check if that host Xname really belongs to the system that they are talking to. X XThe front-end programs verify the remote host name that was returned by Xthe name server responsible for the address->name mapping, by looking Xat the host address that is returned by the name server responsible for Xthe name->address mapping of that host name. If the latter address does Xnot match the original host address, the front ends conclude that they Xare dealing with a host that pretends to have someone elses host name. X XIf the sources are compiled with -DPARANOID, the front ends will drop Xthe connection in case of a host name/address mismatch. Otherwise, the Xfront ends just ignore the bad host name and use the host address when Xconsulting the access control tables. X XRelated software X---------------- X XVersions of rshd and rlogind, hacked to report the remote user name, Xare available for anonymous ftp (ftp.win.tue.nl:/pub/logdaemon.tar.Z). XThese programs are derived from BSD source; they have been tested only Xwith SunOS >= 4.0. X XAnother way to manage access to tcp/ip services is illustrated by the Xservers provided with the authutil package (comp.sources.unix volume X22). This has the advantage that one will get the remote username from Xany host supporting RFC 931 security. By installing the auth package X(same volume) one supports RFC 931 security too (but you will have to Xbelieve what the remote host tells you). Eventually one can start Xcutting off unauthenticated connections. This is obviously a much more Xadvanced approach than what my front-end programs provide. The present Xpackage is more suitable for those who lack the resources to install Xanything that requires more than just renaming a couple of executables. X XConfiguration and installation (the easy way) X--------------------------------------------- X XAn advanced installation recipe is given lateron. The "easy way" recipe Xrequires no changes to existing software or configuration files. X XIf you don't run Ultrix, you don't need the miscd front-end program. XThe Ultrix miscd daemon implements among others the SYSTAT service, Xwhich pipes the output from the WHO command to standard output. X XBy default, the front-end programs assume that the vendor-provided Xdaemons will be moved to the "/usr/etc/..." directory. If you want Xsomething else, adjust the REAL_DAEMON and the REAL_DAEMON_DIR macros Xin the files miscd.c and tcpd.c. X XFollow the instructions at the beginning of the Makefile and compile Xthe programs. The result is three binaries. The `try' program can be Xused to play with host access control tables. The tcpd and miscd Xprograms are the actual front end programs. X XThe tcpd program can be used for monitoring requests for the telnet, Xfinger, ftp, exec, rsh, rlogin, tftp, talk, spray, rusers, comsat and Xother services that have a one-to-one mapping onto executable files. X XDecide which services you want to be monitored. Move the corresponding Xvendor-provided daemon programs to the location specified by the XREAL_DAEMON_DIR macro in the file tcpd.c, and copy the tcpd front end Xto the locations where the vendor-provided daemons used to be. That is, Xone copy of (or link to) the tcpd program for each service that you Xwant to monitor. X XUltrix only: if you want to monitor connections to the SYSTAT service, Xmove the vendor-provided miscd daemon to the location specified by the XREAL_DAEMON macro in the miscd.c file, and install the miscd front end Xinto the original miscd location. X XConfiguration and installation (the advanced way) X------------------------------------------------- X XInstead of moving the vendor-provided daemons to another directory, Xdefine the REAL_DAEMON_DIR to reflect the present location of those Xdaemons, and install the tcpd command in the same directory (Apollo XUNIX users will want to install the front end under a different name Xbecause tcpd is the name of an already existing command. A suitable Xname for the front-end program would be "frontd"). Then perform the Xfollowing edits on the inetd configuration file (usually located in X/etc/inetd.conf): X X finger stream tcp nowait nobody /usr/etc/in.fingerd in.fingerd X Xbecomes: X X finger stream tcp nowait nobody /usr/etc/tcpd in.fingerd X X(the example applies to SunOS 4.x; other UNIX implementations should Xnot differ much). Similar changes will be needed for the other services Xthat are to be covered by the tcpd (or frontd) front-end program. Send Xa SIGHUP to the inetd process to make the changes effective. X XThe same trick can be played with the Ultrix miscd daemon but then Xeither the miscd daemon front end or the real miscd daemon will have to Xbe given a different name. X XAcknowledgements X---------------- X XThanks to Brendan Kehoe (brendan@cs.widener.edu), Heimir Sverrisson X(heimir@hafro.is) and Dan Bernstein (brnstnd@kramden.acf.nyu.edu) for Xfeedback on an early release of this product. The host name/address Xcheck was suggested by John Kimball (jkimball@src.honeywell.com). XWillem-Jan Withagen (wjw@eb.ele.tue.nl), Pieter Schoenmakers X(tiggr@es.ele.tue.nl) and Charles S. Fuller (fuller@wccs.psc.edu) Xprovided help on dealing with with Apollo's UNIX environment. Hal R. XBrand (BRAND@addvax.llnl.gov) told me how to get the remote IP address Xin case of datagram-oriented services, and suggested the optional shell Xcommand feature. X X Wietse Venema (wietse@wzv.win.tue.nl), X Mathematics and Computing Science, X Eindhoven University of Technology, X The Netherlands. END_OF_FILE if test 8024 -ne `wc -c <'README'`; then echo shar: \"'README'\" unpacked with wrong size! fi # end of 'README' fi if test -f 'BLURB' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'BLURB'\" else echo shar: Extracting \"'BLURB'\" $1180 characters$ sed "s/^X//" >'BLURB' <<'END_OF_FILE' X@(#) BLURB 1.4 91/10/02 23:02:02 X XThis package provides a couple of tiny programs that log requests for Xinternet services (examples: TFTP, EXEC, FTP, RSH, TELNET, RLOGIN, XFINGER, SYSTAT). Optional features are: access control based on pattern Xmatching, and protection against rsh and rlogin attacks from hosts that Xpretend to have someone elses host name. X XThe programs are nothing but small network daemon front ends. By Xdefault, they just log the remote host name and then invoke the real Xnetwork daemon daemon, without requiring any changes to existing Xsoftware or configuration files. X XConnections are reported through the syslog(3) facility. Each record Xcontains a time stamp, the remote host name and the name of the service Xrequested. The information can be useful to detect unwanted activities, Xespecially when logfile information from several hosts is merged. X XEnhancements over the previous release are: support for datagram (UDP Xand RPC) services, and execution of shell commands when a (remote host, Xrequested service) pair matches a pattern in the access control tables. X X Wietse Venema (wietse@wzv.win.tue.nl), X Eindhoven University of Technology, X The Netherlands. END_OF_FILE if test 1180 -ne `wc -c <'BLURB'`; then echo shar: \"'BLURB'\" unpacked with wrong size! fi # end of 'BLURB' fi if test -f 'Makefile' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'Makefile'\" else echo shar: Extracting \"'Makefile'\" $3253 characters$ sed "s/^X//" >'Makefile' <<'END_OF_FILE' X# @(#) Makefile 1.4 91/10/04 21:28:11 X X############################## X## Begin configuration options X X# By default, logfile entries are written to the same file as used for X# sendmail transaction logs. Change the definition of the following macro X# if you disagree. See /usr/include/syslog.h for examples. Some syslog X# versions do not provide this flexibility. X XFACILITY= LOG_MAIL X X# To disable host access control, comment out the following macro definition. X# Note: host access control requires the strtok() and strchr() routines. X XACCESS = -DHOSTS_ACCESS X X# Disable the following macro definition if you wish to talk to hosts that X# pretend to have someone elses host name. X XPARANOID= -DPARANOID X X# If your system supports NIS or YP-style netgroups, enable the following X# macro definition. X XNETGROUP= -DNETGROUP X X# Some versions of apollo UNIX have a bug in the getpeername(2) routine. X# You have this bug if the front end reports that all UDP connections come X# from address 0.0.0.0. Compile with -DGETPEERNAME_BUG for a workaround. X XBUGS = -DGETPEERNAME_BUG X X# Apollo Domain/OS offers both bsd and sys5 environments, sometimes X# on the same machine. If your Apollo is primarily sys5.3 and also X# has bsd4.3, enable the following to build under bsd and run under X# either environment. X X#SYSTYPE= -A run,any -A sys,any X X# If your C library does not have memcmp(3), compile with -Dmemcmp=bcmp. X XCFLAGS = -O -DFACILITY=$(FACILITY) $(ACCESS) $(PARANOID) $(NETGROUP) \ X $(BUGS) $(SYSTYPE) X X# Include the file strcasecmp.o if it is not provided by your C library. X# The strcasecmp.c file provided with this package comes from BSD UNIX. X XAUX_OBJ = # strcasecmp.o X X# Some System-V versions require that you explicitly specify the networking X# libraries (for example, -lnet or -linet). X XLIBS = # -lnet X X## End configuration options X############################ X XTCPD_OBJ= tcpd.o fromhost.o hosts_access.o shell_cmd.o refuse.o XMISC_OBJ= miscd.o fromhost.o hosts_access.o shell_cmd.o refuse.o XTRY_OBJ = try.o hosts_access.o shell_cmd.o X XKIT = README miscd.c tcpd.c fromhost.c hosts_access.c shell_cmd.c \ X refuse.c log_tcp.h try.c Makefile hosts_access.5 strcasecmp.c BLURB X Xall: tcpd miscd try X Xtcpd: $(TCPD_OBJ) $(AUX_OBJ) X $(CC) $(CFLAGS) -o $@ $(TCPD_OBJ) $(AUX_OBJ) $(LIBS) X Xmiscd: $(MISC_OBJ) $(AUX_OBJ) X $(CC) $(CFLAGS) -o $@ $(MISC_OBJ) $(AUX_OBJ) $(LIBS) X Xtry: $(TRY_OBJ) $(AUX_OBJ) X $(CC) $(CFLAGS) -o $@ $(TRY_OBJ) $(AUX_OBJ) X Xfromhost: fromhost.c X $(CC) $(CFLAGS) -DTEST -o fromhost fromhost.c X rm -f fromhost.o X Xshar: X @shar $(KIT) X Xarchive: X $(ARCHIVE) $(KIT) X Xclean: X rm -f tcpd miscd try fromhost *.o core X X# Enable all bells and whistles for linting. X Xlint: X lint -DFACILITY=LOG_MAIL -DHOSTS_ACCESS -DPARANOID -DNETGROUP \ X -DGETPEERNAME_BUG tcpd.c fromhost.c hosts_access.c shell_cmd.c refuse.c X lint -DFACILITY=LOG_MAIL -DHOSTS_ACCESS -DPARANOID -DNETGROUP \ X -DGETPEERNAME_BUG miscd.c fromhost.c hosts_access.c shell_cmd.c refuse.c X X# Compilation dependencies. X Xfromhost.o : fromhost.c log_tcp.h Makefile Xhosts_access.o : hosts_access.c Makefile Xmiscd.o : miscd.c log_tcp.h Makefile Xrefuse.o : refuse.c log_tcp.h Xshell_cmd.o : shell_cmd.c Makefile Xstrcasecmp.o : strcasecmp.c Xtcpd.o : tcpd.c log_tcp.h Makefile Xtry.o : try.c Makefile END_OF_FILE if test 3253 -ne `wc -c <'Makefile'`; then echo shar: \"'Makefile'\" unpacked with wrong size! fi # end of 'Makefile' fi if test -f 'fromhost.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'fromhost.c'\" else echo shar: Extracting \"'fromhost.c'\" $5501 characters$ sed "s/^X//" >'fromhost.c' <<'END_OF_FILE' X /* X * fromhost() returns the type of connection (datagram, stream) and the name X * of the host at the other end of standard input (the host address if host X * name lookup fails, "stdin" if it is connected to a terminal, or "unknown" X * in all other cases). The return status is (-1) if the remote host X * pretends to have someone elses host name, otherwise a zero status is X * returned. X * X * Diagnostics are reported through syslog(3). X * X * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. X */ X X#ifndef lint Xstatic char sccsid[] = "@(#) fromhost.c 1.4 91/10/02 23:01:46"; X#endif X X/* System libraries. */ X X#include <sys/types.h> X#include <sys/param.h> X#include <sys/socket.h> X#include <netinet/in.h> X#include <netdb.h> X#include <stdio.h> X#include <syslog.h> X#include <errno.h> X Xextern char *inet_ntoa(); Xextern char *strncpy(); Xextern char *strcpy(); X X/* Local stuff. */ X X#include "log_tcp.h" X X/* Forward declarations. */ X Xstatic int matchname(); X X/* The following are to be used in assignment context, not in comparisons. */ X X#define GOOD 1 X#define BAD 0 X X /* X * The apollo sr10.3 getpeername(2) does not return an error in case of a X * datagram-oriented socket. Instead, it claims that all UDP or RPC requests X * come from address 0.0.0.0. The following code works around the problem. X */ X X#ifdef GETPEERNAME_BUG X Xstatic int fix_getpeername(sock, sa, len) Xint sock; Xstruct sockaddr *sa; Xint *len; X{ X int ret; X struct sockaddr_in *sin = (struct sockaddr_in *) sa; X X if ((ret = getpeername(sock, sa, len)) >= 0 X && sa->sa_family == AF_INET X && strcmp(inet_ntoa(sin->sin_addr), "0.0.0.0") == 0) { X errno = ENOTCONN; X return (-1); X } else { X return (ret); X } X} X X#define getpeername fix_getpeername X#endif X X/* fromhost - find out what is at the other end of standard input */ X Xint fromhost(f) Xstruct from_host *f; X{ X struct sockaddr sa; X struct sockaddr_in *sin = (struct sockaddr_in *) (&sa); X struct hostent *hp; X int length = sizeof(sa); X char buf[BUFSIZ]; X X /* X * Look up the remote host address. Hal R. Brand <BRAND@addvax.llnl.gov> X * suggested how to get the remote host info in case of UDP connections: X * peek at the first message without actually looking at its contents. X */ X X#define punt(name) { f->sock_type = 0; strcpy(f->source, name); return(0); } X X if (getpeername(0, &sa, &length) >= 0) { /* assume TCP request */ X f->sock_type = FROM_CONNECTED; X } else { X switch (errno) { X case ENOTSOCK: /* stdin is not a socket */ X punt(isatty(0) ? "stdin" : "unknown"); X case ENOTCONN: /* assume UDP request */ X if (recvfrom(0, buf, sizeof(buf), MSG_PEEK, &sa, &length) < 0) { X syslog(LOG_ERR, "recvfrom: %m"); X punt("unknown"); X } X f->sock_type = FROM_UNCONNECTED; X break; X default: /* other, punt */ X syslog(LOG_ERR, "getpeername: %m"); X punt("unknown"); X } X } X X /* X * Now that we have the remote host address, look up the remote host X * name. Use the address if name lookup fails. At present, we can only X * handle names or addresses that belong to the AF_INET addres family. X */ X X if (sa.sa_family != AF_INET) { X syslog(LOG_ERR, "unexpected address family %ld", (long) sa.sa_family); X strcpy(f->source, "unknown"); X return (0); X } X if ((hp = gethostbyaddr((char *) &sin->sin_addr.s_addr, X sizeof(sin->sin_addr.s_addr), X AF_INET)) == 0) { X strcpy(f->source, inet_ntoa(sin->sin_addr)); /* use address */ X return (0); X } X X /* X * Save the host name, even if we may decide to not use it, because the X * next gethostbyxxx() call will clobber it. X */ X X strncpy(f->source, hp->h_name, sizeof(f->source) - 1); X f->source[sizeof(f->source) - 1] = 0; X X /* X * Verify that the host name does not belong to someone else. If host X * name verification fails, ignore the host name and use the address X * instead. X */ X X if (matchname(f->source, sin)) { X return (0); X } else { X strcpy(f->source, inet_ntoa(sin->sin_addr)); X return (-1); /* verification failed */ X } X} X X/* matchname - determine if host name matches IP address */ X Xstatic int matchname(remotehost, sin) Xchar *remotehost; Xstruct sockaddr_in *sin; X{ X struct hostent *hp; X int i; X X if ((hp = gethostbyname(remotehost)) == 0) { X X /* X * Unable to verify that the host name matches the address. This may X * be a transient problem or a botched name server setup. We decide X * to play safe. X */ X X syslog(LOG_ERR, "gethostbyname(%s): lookup failure", remotehost); X return (BAD); X X } else { X X /* Look up the host address in the address list we just got. */ X X for (i = 0; hp->h_addr_list[i]; i++) { X if (memcmp(hp->h_addr_list[i], X (caddr_t) & sin->sin_addr, X sizeof(sin->sin_addr)) == 0) X return (GOOD); X } X X /* X * The host name does not map to the original host address. Perhaps X * someone has compromised a name server. More likely someone botched X * it, but that could be dangerous, too. X */ X X syslog(LOG_ERR, "host name/address mismatch: %s != %s", X inet_ntoa(sin->sin_addr), hp->h_name); X return (BAD); X } X} X X#ifdef TEST X X/* Code for stand-alone testing. */ X Xmain(argc, argv) Xint argc; Xchar **argv; X{ X struct from_host from; X X#ifdef LOG_MAIL X (void) openlog(argv[0], LOG_PID, FACILITY); X#else X (void) openlog(argv[0], LOG_PID); X#endif X (void) fromhost(&from); X printf("%s\n", from.source); X return (0); X} X X#endif END_OF_FILE if test 5501 -ne `wc -c <'fromhost.c'`; then echo shar: \"'fromhost.c'\" unpacked with wrong size! fi # end of 'fromhost.c' fi if test -f 'hosts_access.5' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'hosts_access.5'\" else echo shar: Extracting \"'hosts_access.5'\" $5785 characters$ sed "s/^X//" >'hosts_access.5' <<'END_OF_FILE' X.TH HOSTS_ACCESS 5 X.ad X.fi X.SH NAME Xhosts_access \- host access control files X.SH DESCRIPTION X.ad X.fi XThis manual page describes a simple, but effective, access control Xfacility that is based on host (or domain) names, netgroups, internet Xaddresses (or network numbers) and on network daemon process names. X.PP XIn the following text, \fIdaemon\fP is the the process name (argv[0] Xvalue) of a network daemon process, and \fIclient\fP is the name of Xa remote host (or its internet address if the name is not available). X.IP o XAccess will be granted when a (daemon,client) pair is matched by an Xentry in the \fI/etc/hosts.allow\fP file. X.IP o XIf the previous test fails (perhaps because the \fIhosts.allow\fP file Xdoes not exist), access will be denied when a (daemon,client) pair is Xmatched by an entry in the \fI/etc/hosts.deny\fP file. X.IP o XIf the previous test fails (perhaps because the \fIhosts.deny\fP file Xdoes not exist), access will be granted. X.PP XA non-existing access control file is treated as if it were an empty Xfile. Thus, access control can be turned off by providing no access Xcontrol files. X.PP XThe format of the access control files is as follows. X.IP o XLines that begin with a `#\' character are ignored. X.IP o XOther lines should have the format (things between [] are optional): X.sp X.ti +3 Xdaemon_list : client_list [ : shell_command ] X.PP X\fIdaemon_list\fP is a list of one or more daemon process names X(argv[0] values). \fIclient_list\fP is a list of one or more host Xnames, domain names, netgroups, internet addresses or internet network Xnumbers. List elements should be separated by blanks and/or commas. XWith the exception of netgroup lookups, all access control lookups are Xcase insensitive. X.PP XClient_list fields that specify a domain name should begin with a X`.\' character (see example below). Internet \fInetwork\fP numbers (as Xopposed to internet \fIhost\fP numbers) should be terminated with a `.\' Xcharacter. A netgroup name should begin with the `@\' character. XNetgroups are usually supported on systems with NIS (formerly YP) Xdata bases. X.PP XSpecial meaning is given to the magic token \fIALL\fP. If it appears Xin a daemon_list, this token matches all network daemon process Xnames. If the magic token appears in a client_list, it matches Xall clients. Another token that receives special treatment is X\fILOCAL\fP. If it appears in a daemon_list or client_list, Xit matches any string that does not contain a dot character. X.PP XThe optional \fIshell_command\fP is executed if the table entry is the Xfirst one that matches the (daemon,client) pair. The format is: one or Xmore statements separated by a `;\' character. Prior to execution, Xthe following substitutions are done on the shell_command: X.TP X%h Xis replaced by the remote host name X(or address, if the host name is not available). X.TP X%d Xis replaced by the daemon process name (argv[0] value). X.TP X%p Xis replaced by the daemon process id. X.TP X%% Xis replaced by a single `%\' character. X.PP XThe resulting command is given to \fI/bin/sh\fP, with standard input, Xoutput and error connected to \fI/dev/null\fP. Specify an `&\' at the Xend of the command if you do not want to wait until it has completed. X.PP XShell_commands should not rely on the PATH setting of the inetd. XInstead, they should use absolute path names, or they should begin with Xan explicit PATH=whatever statement. X.SH EXAMPLES XThe following example restricts all services to hosts within the local Xdomain (no `.\' character in the host name), all hosts below Xthe \fI.some.domain\fP, and all hosts in the \fIthatgroup\fP netgroup: X.PP X/etc/hosts.allow: X.in +3 XALL: LOCAL, .some.domain, @thatgroup X.PP X/etc/hosts.deny: X.in +3 XALL: ALL X.PP XIn order to deny some hosts all services, except ftp: X.PP X/etc/hosts.allow: X.in +3 Xin.ftpd: ALL X.PP X/etc/hosts.deny: X.in +3 XALL: some.host.name, .some.domain X.PP XThe following example implements a backfinger facility that is Xtriggered when someone invokes your tftp service from a host outside the Xlocal domain: X.PP X/etc/hosts.allow: X.in +3 X.nf Xin.tftpd: LOCAL, .my.domain X.PP X/etc/hosts.deny: X.in +3 X.nf Xin.tftpd: ALL: (/bin/date; /usr/ucb/finger -l @%h) >>/var/adm/%d.log & X.fi X.PP XIf your tftp daemon is run under a uid other than root (strongly Xrecommended), the /var/adm/whatever.log file should be writable for Xthat uid. Watch out for infinite backfinger loops! X.SH DIAGNOSTICS X.ad X.fi XAn error is reported when a syntax error is found in a host access Xcontrol file; when the length of an entry in a host access control file Xexceeds the STDIO buffer size; when the result of %<character> Xexpansion would overflow an internal buffer; when a system call fails Xthat shouldn\'t. X.SH FILES X.na X.nf X/etc/hosts.allow, (daemon,client) pairs that are granted access. X/etc/hosts.deny, (daemon,client) pairs that are denied access. X.SH BUGS X.ad X.fi XIf there are problems with a name server, the access control software Xwill use a host\'s address instead of its name. A workaround is to Xalso list internet addresses and network numbers in the access-control Xfiles. X.PP XDomain name server lookups are case insensitive; NIS (formerly YP) Xnetgroup lookups are case sensitive. X.PP XSome UDP (and RPC) daemons linger around for a while after they have Xfinished their work, just in case another request comes in (in the Xinetd configuration file, these daemons are registered with the `wait\' Xoption). In such cases, access control will apply only to the request Xthat started such a daemon. This restriction usually does not apply to Xconnection-oriented (TCP) services. X.SH AUTHOR X.na X.nf XWietse Venema XEindhoven University of Technology XDepartment of Mathematics and Computer Science XDen Dolech 2, P.O. Box 513, 5600 MB Eindhoven, The Netherlands X\" @(#) hosts_access.5 1.8 91/10/02 23:02:00 END_OF_FILE if test 5785 -ne `wc -c <'hosts_access.5'`; then echo shar: \"'hosts_access.5'\" unpacked with wrong size! fi # end of 'hosts_access.5' fi if test -f 'hosts_access.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'hosts_access.c'\" else echo shar: Extracting \"'hosts_access.c'\" $5582 characters$ sed "s/^X//" >'hosts_access.c' <<'END_OF_FILE' X#ifdef HOSTS_ACCESS X X /* X * This module implements a simple but effective form of access control X * based on host (or domain) names, netgroup, internet addresses (or network X * numbers) and daemon process names, with wild card support. Upon the first X * match with an entry in the access-control tables, an optional shell X * command is executed. X * X * Diagnostics are reported through syslog(3). X * X * Compile with -DHOSTS_ACCESS in order to enable access control. See the X * hosts_access(5) manual page for details. X * X * Compile with -DNETGROUP if your library provides support for netgroups. X * X * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. X */ X X#ifndef lint Xstatic char sccsid[] = "@(#) hosts_access.c 1.6 91/10/02 23:01:49"; X#endif X X /* System libraries. */ X X#include <sys/types.h> X#include <sys/param.h> X#include <stdio.h> X#include <syslog.h> X#include <ctype.h> X Xextern char *fgets(); Xextern char *strchr(); Xextern char *strtok(); Xextern void exit(); X X/* Local stuff. */ X X#include "log_tcp.h" X X/* Path names of the access control files. */ X X#define HOSTS_ALLOW "/etc/hosts.allow" X#define HOSTS_DENY "/etc/hosts.deny" X X/* Delimiters for lists of daemons or clients. */ X Xstatic char sep[] = ", \t"; X X/* Constants to be used in assignments only, not in comparisons... */ X X#define YES 1 X#define NO 0 X X/* Forward declarations. */ X Xstatic int table_match(); Xstatic int list_match(); X X/* hosts_access - host access control facility */ X Xint hosts_access(daemon, client) Xchar *daemon; Xchar *client; X{ X X /* X * If the (daemon, client) pair is matched by an entry in the file X * /etc/hosts.allow, access is granted. Otherwise, if the (daemon, X * client) pair is matched by an entry in the file /etc/hosts.deny, X * access is denied. Otherwise, access is granted. A non-existent X * access-control file is treated as an empty file. X */ X X if (table_match(HOSTS_ALLOW, daemon, client)) X return (YES); X if (table_match(HOSTS_DENY, daemon, client)) X return (NO); X return (YES); X} X X/* table_match - match table entries with (daemon, client) pair */ X Xstatic int table_match(table, daemon, client) Xchar *table; Xchar *daemon; Xchar *client; X{ X FILE *fp; X char sv_list[BUFSIZ]; /* becomes list of daemons */ X char *cl_list; /* becomes list of clients */ X char *sh_cmd; /* becomes optional shell command */ X int match = NO; X int end; X X /* X * Process the table one line at a time. Lines that begin with a '#' X * character are ignored. Non-comment lines are broken at the ':' X * character (we complain if there is none). The first field is matched X * against the daemon process name (argv[0]), the second field against X * the host name. A non-existing table is treated as if it were an empty X * table. The optional shell command (third field) is executed when the X * first match is found. X */ X X if (fp = fopen(table, "r")) { X while (match == 0 && fgets(sv_list, sizeof(sv_list), fp)) { X if (sv_list[end = strlen(sv_list) - 1] != '\n') { X syslog(LOG_ERR, "%s: line exceeds STDIO buffer size", table); X continue; X } else { X sv_list[end] = '\0'; /* strip trailing newline */ X } X if (sv_list[0] == '#') { /* skip comments */ X continue; X } else if ((cl_list = strchr(sv_list, ':')) == 0) { X syslog(LOG_ERR, "%s: malformed entry: \"%s\"", table, sv_list); X continue; X } else { X *cl_list++ = '\0'; /* split 1st and 2nd fields */ X if ((sh_cmd = strchr(cl_list, ':')) != 0) X *sh_cmd++ = '\0'; /* split 2nd and 3rd fields */ X match = (list_match(sv_list, daemon) X && list_match(cl_list, client)); X } X } X (void) fclose(fp); X } X if (match && sh_cmd) X shell_cmd(sh_cmd, daemon, client); X return (match); X} X X/* list_match - match a string against a list of tokens */ X Xstatic int list_match(list, string) Xchar *list; Xchar *string; X{ X char *tok; X int tok_len; X int str_len; X X /* X * Process tokens one at a time. If a token has the magic value "ALL" the X * match always succeeds. If the token is a domain name, return YES if it X * matches the last fields of the string. If the token has the magic X * value "LOCAL", return YES if the string does not contain a "." X * character. If the token is a network number, return YES if it matches X * the head of the string. If the token looks like a netgroup name, X * return YES if the string is a (host) member of the netgroup. X * Otherwise, return YES if the token fully matches the string. Note: we X * assume that a daemon process name never begins or ends with a "." or X * "@" character. X */ X X for (tok = strtok(list, sep); tok; tok = strtok((char *) 0, sep)) { X if (tok[0] == '.') { /* domain: match last fields */ X if ((str_len = strlen(string)) > (tok_len = strlen(tok)) X && strcasecmp(tok, string + str_len - tok_len) == 0) X return (YES); X#ifdef NETGROUP X } else if (tok[0] == '@') { /* netgroup: look it up */ X if (innetgr(tok + 1, string, (char *) 0, (char *) 0)) X return (YES); X#endif X } else if (strcasecmp(tok, "ALL") == 0) { /* all: match any */ X return (YES); X } else if (strcasecmp(tok, "LOCAL") == 0) { /* local: no dots */ X if (strchr(string, '.') == 0) X return (YES); X } else if (!strcasecmp(tok, string)) { /* match host name or address */ X return (YES); X } else if (tok[(tok_len = strlen(tok)) - 1] == '.' /* net number */ X && strncmp(tok, string, tok_len) == 0) { X return (YES); X } X } X return (NO); X} X X#endif END_OF_FILE if test 5582 -ne `wc -c <'hosts_access.c'`; then echo shar: \"'hosts_access.c'\" unpacked with wrong size! fi # end of 'hosts_access.c' fi if test -f 'log_tcp.h' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'log_tcp.h'\" else echo shar: Extracting \"'log_tcp.h'\" $742 characters$ sed "s/^X//" >'log_tcp.h' <<'END_OF_FILE' X/* @(#) log_tcp.h 1.1 91/10/02 23:01:55 */ X X /* X * Structure filled in by the fromhost() routine. Prerequisites: X * <sys/types.h> and <sys/param.h>. X */ X X#ifndef MAXHOSTNAMELEN X#define MAXHOSTNAMELEN 1024 X#endif X Xstruct from_host { X int sock_type; /* socket type, see below */ X char source[MAXHOSTNAMELEN + 1]; /* host name or address */ X}; X X/* Socket types: 0 means unknown. */ X X#define FROM_CONNECTED 1 /* connection-oriented */ X#define FROM_UNCONNECTED 2 /* non connection-oriented */ X X/* Global functions. */ X Xextern int fromhost(); /* get/validate remote host info */ Xextern int hosts_access(); /* access control */ Xextern void refuse(); /* refuse request */ Xextern void shell_cmd(); /* execute shell command */ END_OF_FILE if test 742 -ne `wc -c <'log_tcp.h'`; then echo shar: \"'log_tcp.h'\" unpacked with wrong size! fi # end of 'log_tcp.h' fi if test -f 'miscd.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'miscd.c'\" else echo shar: Extracting \"'miscd.c'\" $2427 characters$ sed "s/^X//" >'miscd.c' <<'END_OF_FILE' X /* X * Front end to the ULTRIX miscd service. The front end logs the remote host X * name and then invokes the real miscd daemon. Install as "/usr/etc/miscd", X * after moving the real miscd daemon to the "/usr/etc/..." directory. X * Connections and diagnostics are logged through syslog(3). X * X * The Ultrix miscd program implements (among others) the systat service, which X * pipes the output from who(1) to stdout. This information is potentially X * useful to systems crackers. X * X * Compile with -DHOSTS_ACCESS in order to enable access control. See the X * hosts_access(5) manual page for details. X * X * Compile with -DPARANOID if service should be refused to hosts that pretend X * to have someone elses host name. This gives some protection against rsh X * and rlogin attacks that involve compromised domain name servers. X * X * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. X */ X X#ifndef lint Xstatic char sccsid[] = "@(#) miscd.c 1.2 91/10/02 23:01:43"; X#endif X X/* System libraries. */ X X#include <sys/types.h> X#include <sys/param.h> X#include <stdio.h> X#include <syslog.h> X X/* Local stuff. */ X X#include "log_tcp.h" X X/* The following specifies where the vendor-provided daemon should go. */ X X#define REAL_DAEMON "/usr/etc/.../miscd" X Xmain(argc, argv) Xint argc; Xchar **argv; X{ X struct from_host from; X int from_stat; X X /* X * Open a channel to the syslog daemon. Older versions of openlog() X * require only two arguments. X */ X X#ifdef LOG_MAIL X (void) openlog(argv[0], LOG_PID, FACILITY); X#else X (void) openlog(argv[0], LOG_PID); X#endif X X /* X * Find out and verify the remote host name. Sites concerned with X * security may choose to refuse connections from hosts that pretend to X * have someone elses host name. X */ X X from_stat = fromhost(&from); X#ifdef PARANOID X if (from_stat == -1) X refuse(&from); X#endif X X /* X * Check whether this host can access the service in argv[0]. The X * access-control code invokes optional shell commands as specified in X * the access-control tables. X */ X X#ifdef HOSTS_ACCESS X if (!hosts_access(argv[0], from.source)) X refuse(&from); X#endif X X /* Report remote host name and invoke the real daemon program. */ X X syslog(LOG_INFO, "connect from %s", from.source); X (void) execv(REAL_DAEMON, argv); X syslog(LOG_ERR, "%s: %m", REAL_DAEMON); X return (1); X} END_OF_FILE if test 2427 -ne `wc -c <'miscd.c'`; then echo shar: \"'miscd.c'\" unpacked with wrong size! fi # end of 'miscd.c' fi if test -f 'refuse.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'refuse.c'\" else echo shar: Extracting \"'refuse.c'\" $1368 characters$ sed "s/^X//" >'refuse.c' <<'END_OF_FILE' X#if defined(PARANOID) || defined(HOSTS_ACCESS) X X /* X * refuse - do the necessary cleanup if we refuse service to some host. This X * code is never invoked when access control and protection against bad host X * names are disabled. X * X * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. X */ X X#ifndef lint Xstatic char sccsid[] = "@(#) refuse.c 1.1 91/10/02 23:01:53"; X#endif X X/* System libraries. */ X X#include <sys/types.h> X#include <sys/param.h> X#include <sys/socket.h> X#include <netinet/in.h> X#include <netdb.h> X#include <stdio.h> X#include <syslog.h> X Xextern void exit(); X X/* Local stuff. */ X X#include "log_tcp.h" X X/* refuse - refuse request from bad host */ X Xvoid refuse(f) Xstruct from_host *f; X{ X char buf[BUFSIZ]; X struct sockaddr sa; X int size = sizeof(sa); X X syslog(LOG_WARNING, "refused connect from %s", f->source); X X /* X * In the case of non-connection-oriented services we must discard the X * packet sent by the client. Otherwise, a fresh daemon will be started X * each time the present one exits. Some systems insist on a non-zero X * source address argument in the recvfrom() call below. X */ X X if (f->sock_type == FROM_UNCONNECTED) X (void) recvfrom(0, buf, sizeof(buf), 0, &sa, &size); X X /* Terminate with zero exit status to keep the inetd happy. */ X X exit(0); X} X X#endif END_OF_FILE if test 1368 -ne `wc -c <'refuse.c'`; then echo shar: \"'refuse.c'\" unpacked with wrong size! fi # end of 'refuse.c' fi if test -f 'shell_cmd.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'shell_cmd.c'\" else echo shar: Extracting \"'shell_cmd.c'\" $3723 characters$ sed "s/^X//" >'shell_cmd.c' <<'END_OF_FILE' X#ifdef HOSTS_ACCESS X X /* X * shell_cmd() takes a shell command, performs %h (host name or address), %d X * (daemon name) and %p (daemon process id) substitutions and passes the X * result to /bin/sh, with standard input, standard output and standard X * error connected to /dev/null. This code is never called when host access X * control is disabled. X * X * Diagnostics are reported through syslog(3). X * X * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. X */ X X#ifndef lint Xstatic char sccsid[] = "@(#) shell_cmd.c 1.1 91/10/02 23:01:51"; X#endif X X/* System libraries. */ X X#include <sys/types.h> X#include <sys/param.h> X#include <stdio.h> X#include <syslog.h> X Xextern char *strcpy(); Xextern void closelog(); Xextern void exit(); X X/* Local stuff. */ X X#include "log_tcp.h" X X/* Forward declarations. */ X Xstatic void do_percent(); Xstatic void do_child(); X X/* shell_cmd - expand %<char> sequences and execute shell command */ X Xvoid shell_cmd(string, daemon, client) Xchar *string; Xchar *daemon; Xchar *client; X{ X char cmd[BUFSIZ]; X int child_pid; X int wait_pid; X int daemon_pid = getpid(); X X /* X * Most of the work is done within the child process, to minimize the X * risk of damage to the parent. X */ X X switch (child_pid = fork()) { X case -1: /* error */ X syslog(LOG_ERR, "fork: %m"); X break; X case 00: /* child */ X do_percent(cmd, sizeof(cmd), string, daemon, client, daemon_pid); X do_child(daemon, cmd); X /* NOTREACHED */ X default: /* parent */ X while ((wait_pid = wait((int *) 0)) != -1 && wait_pid != child_pid) X /* void */ ; X } X} X X/* do_percent - do %<char> expansion, abort if result buffer is too small */ X Xstatic void do_percent(result, result_len, str, daemon, client, pid) Xchar *result; Xint result_len; Xchar *str; Xchar *daemon; Xchar *client; Xint pid; X{ X char *end = result + result_len - 1; /* end of result buffer */ X char *expansion; X int expansion_len; X char pid_buf[10]; X X /* X * %h becomes the remote host name or address; %d the daemon process X * name; %p the daemon process id; %% becomes a %, and %other is ignored. X * We terminate with a diagnostic if we would overflow the result buffer. X */ X X while (*str) { X if (*str == '%') { X str++; X expansion = X *str == 'd' ? (str++, daemon) : X *str == 'h' ? (str++, client) : X *str == 'p' ? (str++, sprintf(pid_buf, "%d", pid), pid_buf) : X *str == '%' ? (str++, "%") : X *str == 0 ? "" : (str++, ""); X expansion_len = strlen(expansion); X if (result + expansion_len >= end) { X syslog(LOG_ERR, "shell command too long: %30s...", result); X exit(0); X } X (void) strcpy(result, expansion); X result += expansion_len; X } else { X *result++ = *str++; X } X } X *result = 0; X} X X/* do_child - exec command with { stdin, stdout, stderr } to /dev/null */ X Xstatic void do_child(myname, command) Xchar *myname; Xchar *command; X{ X char *error = 0; X int tmp_fd; X X /* Close a bunch of file descriptors. Ignore errors. */ X X closelog(); X for (tmp_fd = 0; tmp_fd < 10; tmp_fd++) X (void) close(tmp_fd); X X /* Set up new stdin, stdout, stderr, and exec the shell command. */ X X if (open("/dev/null", 2) != 0) { X error = "open /dev/null: %m"; X } else if (dup(0) != 1 || dup(0) != 2) { X error = "dup: %m"; X } else { X (void) execl("/bin/sh", "sh", "-c", command, (char *) 0); X error = "execl /bin/sh: %m"; X } X X /* We can reach the following code only if there was an error. */ X X#ifdef LOG_MAIL X (void) openlog(myname, LOG_PID, FACILITY); X#else X (void) openlog(myname, LOG_PID); X#endif X syslog(LOG_ERR, error); X exit(0); X} X X#endif END_OF_FILE if test 3723 -ne `wc -c <'shell_cmd.c'`; then echo shar: \"'shell_cmd.c'\" unpacked with wrong size! fi # end of 'shell_cmd.c' fi if test -f 'strcasecmp.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'strcasecmp.c'\" else echo shar: Extracting \"'strcasecmp.c'\" $3767 characters$ sed "s/^X//" >'strcasecmp.c' <<'END_OF_FILE' X/* X * Copyright (c) 1987 Regents of the University of California. X * All rights reserved. X * X * Redistribution and use in source and binary forms are permitted X * provided that the above copyright notice and this paragraph are X * duplicated in all such forms and that any documentation, X * advertising materials, and other materials related to such X * distribution and use acknowledge that the software was developed X * by the University of California, Berkeley. The name of the X * University may not be used to endorse or promote products derived X * from this software without specific prior written permission. X * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR X * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED X * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. X */ X X#if defined(LIBC_SCCS) && !defined(lint) Xstatic char sccsid[] = "@(#)strcasecmp.c 5.6 (Berkeley) 6/27/88"; X#endif /* LIBC_SCCS and not lint */ X X#include <sys/types.h> X X/* X * This array is designed for mapping upper and lower case letter X * together for a case independent comparison. The mappings are X * based upon ascii character sequences. X */ Xstatic u_char charmap[] = { X '\000', '\001', '\002', '\003', '\004', '\005', '\006', '\007', X '\010', '\011', '\012', '\013', '\014', '\015', '\016', '\017', X '\020', '\021', '\022', '\023', '\024', '\025', '\026', '\027', X '\030', '\031', '\032', '\033', '\034', '\035', '\036', '\037', X '\040', '\041', '\042', '\043', '\044', '\045', '\046', '\047', X '\050', '\051', '\052', '\053', '\054', '\055', '\056', '\057', X '\060', '\061', '\062', '\063', '\064', '\065', '\066', '\067', X '\070', '\071', '\072', '\073', '\074', '\075', '\076', '\077', X '\100', '\141', '\142', '\143', '\144', '\145', '\146', '\147', X '\150', '\151', '\152', '\153', '\154', '\155', '\156', '\157', X '\160', '\161', '\162', '\163', '\164', '\165', '\166', '\167', X '\170', '\171', '\172', '\133', '\134', '\135', '\136', '\137', X '\140', '\141', '\142', '\143', '\144', '\145', '\146', '\147', X '\150', '\151', '\152', '\153', '\154', '\155', '\156', '\157', X '\160', '\161', '\162', '\163', '\164', '\165', '\166', '\167', X '\170', '\171', '\172', '\173', '\174', '\175', '\176', '\177', X '\200', '\201', '\202', '\203', '\204', '\205', '\206', '\207', X '\210', '\211', '\212', '\213', '\214', '\215', '\216', '\217', X '\220', '\221', '\222', '\223', '\224', '\225', '\226', '\227', X '\230', '\231', '\232', '\233', '\234', '\235', '\236', '\237', X '\240', '\241', '\242', '\243', '\244', '\245', '\246', '\247', X '\250', '\251', '\252', '\253', '\254', '\255', '\256', '\257', X '\260', '\261', '\262', '\263', '\264', '\265', '\266', '\267', X '\270', '\271', '\272', '\273', '\274', '\275', '\276', '\277', X '\300', '\341', '\342', '\343', '\344', '\345', '\346', '\347', X '\350', '\351', '\352', '\353', '\354', '\355', '\356', '\357', X '\360', '\361', '\362', '\363', '\364', '\365', '\366', '\367', X '\370', '\371', '\372', '\333', '\334', '\335', '\336', '\337', X '\340', '\341', '\342', '\343', '\344', '\345', '\346', '\347', X '\350', '\351', '\352', '\353', '\354', '\355', '\356', '\357', X '\360', '\361', '\362', '\363', '\364', '\365', '\366', '\367', X '\370', '\371', '\372', '\373', '\374', '\375', '\376', '\377', X}; X Xstrcasecmp(s1, s2) X char *s1, *s2; X{ X register u_char *cm = charmap, X *us1 = (u_char *)s1, X *us2 = (u_char *)s2; X X while (cm[*us1] == cm[*us2++]) X if (*us1++ == '\0') X return(0); X return(cm[*us1] - cm[*--us2]); X} X Xstrncasecmp(s1, s2, n) X char *s1, *s2; X register int n; X{ X register u_char *cm = charmap, X *us1 = (u_char *)s1, X *us2 = (u_char *)s2; X X while (--n >= 0 && cm[*us1] == cm[*us2++]) X if (*us1++ == '\0') X return(0); X return(n < 0 ? 0 : cm[*us1] - cm[*--us2]); X} END_OF_FILE if test 3767 -ne `wc -c <'strcasecmp.c'`; then echo shar: \"'strcasecmp.c'\" unpacked with wrong size! fi # end of 'strcasecmp.c' fi if test -f 'tcpd.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'tcpd.c'\" else echo shar: Extracting \"'tcpd.c'\" $2530 characters$ sed "s/^X//" >'tcpd.c' <<'END_OF_FILE' X /* X * General front end for stream and datagram IP services. This program logs X * the remote host name and then invokes the real daemon. For example, X * install as /usr/etc/{tftpd,fingerd,telnetd,ftpd,rlogind,rshd,rexecd}, X * after saving the real daemons in the directory "/usr/etc/...". This X * arrangement requires that the network daemons are started by inetd or X * something similar. Connections and diagnostics are logged through X * syslog(3). X * X * Compile with -DHOSTS_ACCESS in order to enable access control. See the X * hosts_access(5) manual page for details. X * X * Compile with -DPARANOID if service should be refused to hosts that pretend X * to have someone elses host name. This gives some protection against rsh X * and rlogin attacks that involve compromised domain name servers. X * X * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. X */ X X#ifndef lint Xstatic char sccsid[] = "@(#) tcpd.c 1.2 91/10/02 23:01:44"; X#endif X X/* System libraries. */ X X#include <sys/types.h> X#include <sys/param.h> X#include <stdio.h> X#include <syslog.h> X X#ifndef MAXPATHNAMELEN X#define MAXPATHNAMELEN BUFSIZ X#endif X X/* Local stuff. */ X X#include "log_tcp.h" X X/* The following specifies where the vendor-provided daemons should go. */ X X#define REAL_DAEMON_DIR "/usr/etc/..." X Xmain(argc, argv) Xint argc; Xchar **argv; X{ X struct from_host from; X int from_stat; X char path[MAXPATHNAMELEN]; X X /* X * Open a channel to the syslog daemon. Older versions of openlog() X * require only two arguments. X */ X X#ifdef LOG_MAIL X (void) openlog(argv[0], LOG_PID, FACILITY); X#else X (void) openlog(argv[0], LOG_PID); X#endif X X /* X * Find out and verify the remote host name. Sites concerned with X * security may choose to refuse connections from hosts that pretend to X * have someone elses host name. X */ X X from_stat = fromhost(&from); X#ifdef PARANOID X if (from_stat == -1) X refuse(&from); X#endif X X /* X * Check whether this host can access the service in argv[0]. The X * access-control code invokes optional shell commands as specified in X * the access-control tables. X */ X X#ifdef HOSTS_ACCESS X if (!hosts_access(argv[0], from.source)) X refuse(&from); X#endif X X /* Report remote host name and invoke the real daemon program. */ X X syslog(LOG_INFO, "connect from %s", from.source); X sprintf(path, "%s/%s", REAL_DAEMON_DIR, argv[0]); X (void) execv(path, argv); X syslog(LOG_ERR, "%s: %m", path); X return (1); X} END_OF_FILE if test 2530 -ne `wc -c <'tcpd.c'`; then echo shar: \"'tcpd.c'\" unpacked with wrong size! fi # end of 'tcpd.c' fi if test -f 'try.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'try.c'\" else echo shar: Extracting \"'try.c'\" $818 characters$ sed "s/^X//" >'try.c' <<'END_OF_FILE' X /* X * try - program to try out host access-control tables, including the X * optional shell commands. X * X * usage: try process_name host_name X * X * where process_name is a daemon process name (argv[0] value), and host_name X * is a host name or address. X * X * Prints YES if access is granted, NO if denied. X */ X X#include <stdio.h> X#include <syslog.h> X Xmain(argc, argv) Xint argc; Xchar **argv; X{ X#ifdef HOSTS_ACCESS X X#ifdef LOG_MAIL X openlog(argv[0], LOG_PID, FACILITY); X#else X openlog(argv[0], LOG_PID); X#endif X X if (argc != 3) { X fprintf(stderr, "usage: %s process_name host_name\n", argv[0]); X return (1); X } else { X printf(hosts_access(argv[1], argv[2]) ? "YES\n" : "NO\n"); X return (0); X } X#else X fprintf(stderr, "host access control is not enabled.\n"); X return (1); X#endif X} END_OF_FILE if test 818 -ne `wc -c <'try.c'`; then echo shar: \"'try.c'\" unpacked with wrong size! fi # end of 'try.c' fi echo shar: End of archive 1 $of 1$. cp /dev/null ark1isdone MISSING="" for I in 1 ; do if test ! -f ark${I}isdone ; then MISSING="${MISSING} ${I}" fi done if test "${MISSING}" = "" ; then echo You have the archive. rm -f ark[1-9]isdone else echo You still must unpack the following archives: echo " " ${MISSING} fi exit 0 exit 0 # Just in case... -- Kent Landfield INTERNET: kent@sparky.IMD.Sterling.COM Sterling Software, IMD UUCP: uunet!sparky!kent Phone: (402) 291-8300 FAX: (402) 291-4362 Please send comp.sources.misc-related mail to kent@uunet.uu.net.