From owner-freebsd-questions Wed Apr 28 0:42:55 1999 Delivered-To: freebsd-questions@freebsd.org Received: from pinto.unsyiah.ac.id (pinto.unsyiah.ac.id [167.205.153.82]) by hub.freebsd.org (Postfix) with ESMTP id 20A9A14FC5 for ; Wed, 28 Apr 1999 00:39:34 -0700 (PDT) (envelope-from zul@pinto.unsyiah.ac.id) Received: from localhost (zul@localhost) by pinto.unsyiah.ac.id with ESMTP id OAA02195; Wed, 28 Apr 1999 14:43:47 GMT (envelope-from zul@pinto.unsyiah.ac.id) Date: Wed, 28 Apr 1999 14:43:47 +0000 (GMT) From: Zulkarnain To: Dan Langille Cc: freebsd-questions@FreeBSD.ORG Subject: Re: tcp_wrappers In-Reply-To: <19990427195221.TXDN5596385.mta1-rme@wocker> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, 28 Apr 1999, Dan Langille wrote: > On 27 Apr 99, at 20:28, Zulkarnain wrote: > > > I have installed tcp_wrappers-7.6 on FreeBSD 3.1R, but deeply hard to > > configure it. I tried to monitor and filter incoming requests for FINGER, > > and TELNET, but still not working correctly.The log I got still : > > > > Apr 26 17:53:07 pinto telnetd[5607]: connect from ns.wasantara.net.id Apr > > 26 17:54:17 pinto telnetd[5616]: connect from lpki.linux.or.id > > > > what I expact from running tcp_wrappers is to get log like : > > > > Jan 10 15:49:41 ngatoto telnetd[1758]: connect from > > wocker.dvl-software.com Jan 10 15:49:58 ngatoto login: login from > > wocker.dvl-software.com on ttyp2 as mike > > Wait! Hold on! You're not going to get those in your logs unless *I* > start trying to login to your machine. the log above only for an example.the important is how do I get an output just like that format ?? > > > here is my config : > > > > ----- /etc/inetd.conf --------- > > telnet stream tcp nowait root /usr/local/libexec/tcpd telnetd > > finger stream tcp nowait nobody /usr/local/libexec/tcpd fingerd -s -l > > -------------- > > That looks right. I also use the -h option on telentd. > > > ------ /etc/syslog.conf ----- > > # $Id: syslog.conf,v 1.9 1998/10/14 21:59:55 nate Exp $ > > # > > # Spaces are NOT valid field separators in this file. > > # Consult the syslog.conf(5) manpage. > > *.err;kern.debug;auth.notice;mail.crit /dev/console > > *.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages > > mail.info /var/log/maillog > > lpr.info /var/log/lpd-errs > > cron.* /var/cron/log > > *.err root > > *.notice;news.err root > > *.alert root > > *.emerg * > > # uncomment these if you're running inn > > # news.crit /var/log/news/news.crit > > # news.err /var/log/news/news.err > > # news.notice /var/log/news/news.notice > > !startslip > > *.* /var/log/slip.log > > !ppp > > *.* /var/log/ppp.log > > !ftpd > > *.* /var/log/ftpd > > !fingerd > > *.*;daemon.notice /var/log/fingerd > > auth.*;authpriv.* /var/log/auth.log > > local0.* /var/log/tcpd.log > > local0.info;local0.debug /var/log/firewall.log > > local0.err /var/log/firewall.err > > !popper > > *.* /var/log/popper.log > > !telnetd > > *.* /var/log/telnetd > > I am not sure what the problem is here. I *think* it may be the > auth.notice bit in the /dev/console. Does the missing message appear on > the console? Try changing "auth.notice" to "auth.none;authpriv.none" on > the /dev/console line and see what happens. Again, I'm guessing. > I has tried, but tcp_wrappers still not working correctly :( regards, zul To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message