HPE Community
Operating System - HP-UX
1826388 Members
4324 Online
109692 Solutions
New Discussion

TCP Wrappers and "spawn" option

 
Roger Lavender
Frequent Advisor

‎09-29-2003 12:30 AM

‎09-29-2003 12:30 AM

TCP Wrappers and "spawn" option

OS: HP-UX 11.11, June 2003
TCP WRAPPERS 11.11, v1

In the previous versions for TCP Wrappers (7.6), the following example statement existed in the hosts.allow file:

"telnetd : XXX.XXX.XXX.XXX
: /bin/echo "`date +%%b' '%%e' '%%X' '%%Y` %H inetd[%p]: %d: from (%a) %c %h Use
r=%u " >> /var/adm/tcpd.log"

and this resulted is the following tcpd.log entry:

"Sep 26 11:05:11 2003 server inetd[19326]: telnetd: from (XXX.XXX.XXX.XXX) user2 user2 User=unknown"

Note that the entry begins with a date/time stamp.

In this new version, the hosts_options "spawn" was introduced. The following entry now exists:

"telnetd : XXX.XXX.XXX.XXX: spawn (/bin/echo Host address = %a \nClient Information = %c \nDaemon Process name = telnetd \nHost Name = %h \nClient Server Hostname = %n \nDaemon PID
= %p \nServer Info = %s \nClient Username = %u" >> /var/adm/syslog/tcpd.log)"

Note that the entry is no longer date/time stamped. I have tried several ways to get the tcpd.log line entry to date stamp and all have failed. I checked all the available % values returned from the tcpd and none of them return a date/time entry.

Does someone - anyone have a "spawn" option string that can properly date and time stamp the tcpd.log entry for this new version?

Thanks,



0 Kudos
Reply
5 REPLIES 5
Brian Bergstrand
Honored Contributor

‎09-29-2003 01:19 AM

‎09-29-2003 01:19 AM

Re: TCP Wrappers and "spawn" option

Try inserting `date +%Y%m%d-%H:%M:%S` right after /bin/echo and before Host.

eg:
/bin/echo `date +%Y%m%d-%H:%M:%S` Host address ...

If that doesn't work, then remove the parentheses and try again.

One of the two versions should work.

HTH.
0 Kudos
Reply
Roger Lavender
Frequent Advisor

‎09-29-2003 02:05 AM

‎09-29-2003 02:05 AM

Re: TCP Wrappers and "spawn" option

Nope...that didn't work.

I tried all combinations of entries (with and without ",',`). Also, the ":" in the time part of the string is being interpreted by tcpd as "next option".
0 Kudos
Reply
Brian Bergstrand
Honored Contributor

‎09-29-2003 02:43 AM

‎09-29-2003 02:43 AM

Re: TCP Wrappers and "spawn" option

Okay, I was afraid of that. Looks like you are going to have to cut the date format string out as it conflicts with tcp wrapper options.

/sbin/echo `date` Host address ...
0 Kudos
Reply
Roger Lavender
Frequent Advisor

‎09-29-2003 03:22 AM

‎09-29-2003 03:22 AM

Re: TCP Wrappers and "spawn" option

Well, I've been tinkering with it here. What I've found (unless proven otherwise...) is that you can not chain 2 executables within the same spawn option. I modifed the hosts.allow as follows:


telnetd : XXX.XXX.XXX.XXX : spawn (date >> /var/adm/syslog /tcpd.log) : spawn (/bin/echo "Successful %d connection received from %c handled
by PID [%p] \n" >> /var/adm/syslog/tcpd.log)


This results in a tcpd.log file entry with 2 lines as:

"Mon Sep 29 11:10:46 CDT 2003
Successful telnetd connection received from XXX.XXX.XXX.XXX handled by PID [21443]"

This appears to be the only way to do this and for the time being is acceptable.

For any other creative thinkers out there - you thoughts are welcome.
0 Kudos
Reply
Roger Lavender
Frequent Advisor

‎09-29-2003 11:57 PM

‎09-29-2003 11:57 PM

Re: TCP Wrappers and "spawn" option

Well, I can get log entries in the syslog and tcpd log just fine now.

I problem is that I can not get the banners option to work at all! Its like the tcpd doesn't even know they exist. even the simplest line "telnetd:ALL:banners /tmp/banners/telnetd" doesn't even work. I even checked all permissions and this did nothing.

Signed confused
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.