SUMMARY: FAQ for tcp-wrappers?

From: Christopher L. Barnard (
Date: Wed Dec 11 1996 - 13:00:37 CST

I asked:

> Anyone know if there is a FAQ anywhere for tcp wrappers? I don't find
> one at or in my tcp-wrappers-7.2 distribution. I'm trying
> to get this line to work
> in.fingerd: ALL: ( /usr/local/bin/tcp_wrappers_7.4/safe_finger -l @%h >> /var/log/finger.log ) &
> but nothing is ever appended to the finger.log file. Finger service is
> still denied, and a line as such shows up in /var/log/syslog file as per
> our syslog configuration, so the first two parts of the line are working.
> (Yes, I know about the dangers of boobytrapping the finger daemon. We're
> just experimenting right now; once it works it'll be everything except
> fingerd that is boobytrapped in this manner).

The answer:

It would appear that no such FAQ exists, but as I hoped tcp wrappers is
commonplace enough on Suns these days that I was able to get an answer
to my question directly from this list. My thanks to Reto Lichtensteiger
<> for hitting the nail on the head. I should use this
line instead:

in.fingerd: ALL: (/some/safe/finger -l @%h | /usr/ucb/logger -p

and then define to log to /var/log/finger.log from my syslog.conf

Several people told me about changing the FACILITY and SEVERITY in
the makefile to control logging of actual incoming inet connections.
I've already done that; I'm trying to log the output of a reverse finger
*in addition to* the logging of incoming connections. This is just like
doing the email trick shown in the examples, but logged to a file so
that it can be seen even if the email recipient is away on vacation or
some such.

Thanks to:

Reto Lichtensteiger <>
Rasana Atreya <> (Frank Sargent)
Jochen Bern <>
Tony Ching-Tung Wu <>

| Christopher L. Barnard O When I was a boy I was told that |
| / \ anybody could become president. |
| (312) 347-4901 O---O Now I'm beginning to believe it. |
| --Clarence Darrow |
| Cyber Rights Now: Accept No Compromise. |
+----------PGP public key available via finger or PGP keyserver---------+

This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:18 CDT