I asked:
> Anyone know if there is a FAQ anywhere for tcp wrappers? I don't find
> one at ftp.tue.win.nl or in my tcp-wrappers-7.2 distribution. I'm trying
> to get this line to work
>
> in.fingerd: ALL: ( /usr/local/bin/tcp_wrappers_7.4/safe_finger -l @%h >> /var/log/finger.log ) &
>
> but nothing is ever appended to the finger.log file. Finger service is
> still denied, and a line as such shows up in /var/log/syslog file as per
> our syslog configuration, so the first two parts of the line are working.
> (Yes, I know about the dangers of boobytrapping the finger daemon. We're
> just experimenting right now; once it works it'll be everything except
> fingerd that is boobytrapped in this manner).
The answer:
It would appear that no such FAQ exists, but as I hoped tcp wrappers is
commonplace enough on Suns these days that I was able to get an answer
to my question directly from this list. My thanks to Reto Lichtensteiger
<rali@meitca.com> for hitting the nail on the head. I should use this
line instead:
in.fingerd: ALL: (/some/safe/finger -l @%h | /usr/ucb/logger -p local3.info)&
and then define local3.info to log to /var/log/finger.log from my syslog.conf
file.
Several people told me about changing the FACILITY and SEVERITY in
the makefile to control logging of actual incoming inet connections.
I've already done that; I'm trying to log the output of a reverse finger
*in addition to* the logging of incoming connections. This is just like
doing the email trick shown in the examples, but logged to a file so
that it can be seen even if the email recipient is away on vacation or
some such.
Thanks to:
Reto Lichtensteiger <rali@meitca.com>
Rasana Atreya <atreya@library.ucsf.edu>
fsargent@netmgr.rri.uwo.ca (Frank Sargent)
Jochen Bern <bern@penthesilea.uni-trier.de>
Tony Ching-Tung Wu <tonywu@cyberhouse.com.tw>
+-----------------------------------------------------------------------+
| Christopher L. Barnard O When I was a boy I was told that |
| cbarnard@cs.uchicago.edu / \ anybody could become president. |
| (312) 347-4901 O---O Now I'm beginning to believe it. |
| http://www.cs.uchicago.edu/~cbarnard --Clarence Darrow |
| Cyber Rights Now: Accept No Compromise. |
+----------PGP public key available via finger or PGP keyserver---------+
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:18 CDT