Solaris 10 tcp wrappers with syslog SUMMARY

From: Donovan, Jeffrey \(Jeff\), WCS <>
Date: Fri Mar 17 2006 - 16:43:29 EST
This organization is great! Got an answer in about 15 minutes.

Thanks to:

Richard Butler

Chris Barnard

Casper Dik

Erek Adams

Chris and Richard had the easiest solution:

You can do it with the tcpwrapper extensions - that is you put lines
like below into hosts.allow:

ALL: 10.0. : severity local2.notice: ALLOW

ALL: ALL: severity local2.warning: DENY

and set syslog.conf for where to log local2

or along the same lines:

In your hosts.allow and/or hosts.deny files, you add a third entry that
is the syslog level.

[ onboard2qa-n!/root ] >> more /etc/hosts.deny

ALL: ALL: severity LOCAL3.notice

Then in your syslog.conf file you do                     /var/log/tcpd.log

HUP syslog.

voila.  tcp entries are logged in /var/log/tcpd.log

Thanks to all who responded.

Jeff Donovan

Infrastructure Design


From: Donovan, Jeffrey (Jeff), WCS
Sent: Friday, March 17, 2006 12:33 PM
To: ''
Subject: Solaris 10 tcp wrappers with syslog


Does anyone know the entry to syslog.conf to capture tcp wrapper
information into a log file with the bundled version in Solaris 10?  We
used to use a shareware version and added the following to syslog.conf
because it was compiled that way:

local2.notice   /var/opt/tcpw/logs/tcpd.log

This doesn't work for the Solaris 10 version. SSH is configurable in the
sshd_config file but I can't any info for tcp wrappers.

Any help would be appreciated.


Jeff Donovan

Infrastructure Design

[demime 1.01b removed an attachment of type image/jpeg which had a name of image001.jpg]
sunmanagers mailing list
Received on Fri Mar 17 16:44:44 2006

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:56 EST