HPE Community
Operating System - HP-UX
1830216 Members
2138 Online
109999 Solutions
New Discussion

tcp wrapper logging

 
SOLVED
Go to solution
Vanja
Frequent Advisor

‎10-20-2005 09:05 AM

‎10-20-2005 09:05 AM

tcp wrapper logging

Does anybody know how to set up tcp wrapper logging - ie. what line to put in /etc/syslog.conf?

I have the following entries in /etc/inetd.conf for daemons using tcpwrappers:

ftp stream tcp nowait root /usr/lbin/tcpd /usr/lbin/ftpd -a -l -v -u 027
telnet stream tcp nowait root /usr/lbin/tcpd /usr/lbin/telnetd b/etc/telnetbanner
ssh stream tcp nowait root /usr/lbin/tcpd /usr/sbin/sshd


I have tcpwrappers working correctly with /etc/hosts.allow and /etc/hosts.deny files. I'm just wondering how to set up the logging and where the logging goes??

What channel is capturing the tcp wrappers logging?

10 pts to good answer

Thanks!
0 Kudos
Reply
2 REPLIES 2
Ranjith_5
Honored Contributor

‎10-20-2005 09:33 AM

‎10-20-2005 09:33 AM

Solution

Re: tcp wrapper logging

Hi,

TCP Wrappers on HP-UX uses a configuration file, /etc/tcpd.conf. This file can be used to set time-out on client username lookups, log level, and action to be taken in case of reverse lookup failure.

TCP Wrappers daemon logs the information related to a connection and problems encountered, before invoking the original daemon in syslog (default /var/adm/syslog/syslog.log). The logging level parameter can be specified as either 'normal' or 'extended' in the /etc/tcpd.conf file. A value of "extended" will cause the TCP Wrappers daemon to log the ACLs information like: the entry with which the client request is matched and its related options. By default, the value for this entry is "normal", in which case tcpd will log the connection details about refusal or acceptance of the connection. TCP Wrappers suite also provides tools tcpdchk and tcpdmatch to validate the inetd.conf, hosts.allow and hosts.deny entries in the configuration file an to predict how tcpd would handle a specific service request respectively.


Regards,
Syam
Reply
Vanja
Frequent Advisor

‎10-20-2005 09:36 AM

‎10-20-2005 09:36 AM

Re: tcp wrapper logging

Thanks for the post. I checked the man pages.
I guess the real question to ask would be is there a way to redirect the output to log tcp wrapper messages somewhere else instead of syslog.log??? ie. I want tcpd logs to be logged to /var/adm/tcpd/tcpd.log for example.

How to set up /etc/syslog.conf to do that?

Thanks
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.