Using TCP Wrappers

There are two ways to use the wrapper programs:

The easy way, where you move network daemons to some other directory and fill the resulting holes with copies of the wrapper programs. This approach involves no changes to system configuration files, and hence the risk of breaking things is minimal.

and

The advanced way: where you leave the network daemons alone and modify the inetd configuration file. For example, an entry such as:

tftp dgram udp wait root /usr/etc/tcpd in.tftpd -s /tftpboot

When a tftp request arrives, inetd will run the wrapper program (tcpd) with a process name `in.tftpd'. This is the name that the wrapper will use when logging the request and scanning the optional access control tables. `in.tftpd' is also the name of the server program that the wrapper will attempt to run when all is well. Any arguments, (`-s /tftpboot' in this particular example) are transparently passed on to the server program.

Logging information route

The wrapper programs send their logging information to the syslog daemon (syslogd). The disposition of the wrapper logs is determined by the syslog configuration file usually /etc/syslog.conf. Messages are written to files, to the console, or are forwarded to a @loghost. Some syslogd versions can even forward messages down a |pipeline.

Older syslog implementations only support priority levels ranging from 9 (debug-level messages) to 0 (alerts). All logging information of the specified priority level (or more urgent) is written to the same destination. In the syslog.conf file, priority levels are specified in numerical form. For example,

8/usr/spool/mqueue/syslog

causes all messages with priority 8 (informational messages), and anything that is more urgent, to be appended to the /usr/spool/mqueue/syslog file.

Newer syslog implementations support message classes in addition to priority levels. Examples of message classes include mail, daemon, auth and news. In the syslog.conf file, priority levels are specified with symbolic names: debug, info, notice, ..., emerg. For example,

mail.debug /var/log/syslog

causes all messages of class mail with priority debug (or more urgent) to be appended to the /var/log/syslog file.