tcp_wrappers-7.6: description + notes

The tcpd program can be set up to monitor incoming requests for telnet, finger, ftp, exec, rsh, rlogin, tftp, talk, comsat and other services that have a one-to-one mapping onto executable files.

Operation is as follows: whenever a request for service arrives, the inetd daemon is tricked into running the tcpd program instead of the normal server. tcpd logs the request and does some additional checks. When all is well, tcpd runs the appropriate server program and goes away.

Optional features include pattern-based access control, client username lookups with the RFC 931 protocol, protection against hosts that pretend to have someone else's host name, and protection against hosts that pretend to have someone else's network address.

Utilities (tcpdchk and tcpdmatch) are included to aid writing of /etc/hosts.allow and /etc/hosts.deny files. tcpdmatch does not understand '?' syntax in /etc/inet.conf, so it may generate spurious warnings noting that optional servers were not found.

Note: See /usr/freeware/doc/tcp_wrappers/README for known limitations.
Note: Installing this package does not automatically wrap any daemons. These binaries are compiled for "easy" installation, as described by EXAMPLE 1 in "man tcpd". The real server programs should be moved into a newly created directory named /usr/etc/... (that's three dots -- really!), and replaced by copies of tcpd. While this makes installation easier, it makes upgrading your operating system slightly harder, as the wrappers may need to be re-installed afterwards. Support for the extended access control language described by "man hosts_options" is enabled.

NOTE: Developers intending to use this distribution of libwrap for application development should be sure to read the information below. Users installing libwrap for the runtime environment only need not read any further.

Developers intending to use this library for development of other freeware packages or their own software applications will need to be familiar with a few peculiarities due to the way that this library is packaged and installed. The reasons for this installation strategy are described further in the fw_common product release notes.

The header files and libraries in this package are installed into /usr/freeware. This means that when building software using this distribution of libwrap you should be sure to do the following:

Following these guidelines will allow your application to safely and easily use the software in this package.
To auto-install this package, go back and click on the respective install icon.