From owner-freebsd-stable Tue Apr 24 5:45:22 2001 Delivered-To: freebsd-stable@freebsd.org Received: from everest.wananchi.com (everest.wananchi.com [62.8.64.4]) by hub.freebsd.org (Postfix) with ESMTP id 909F337B424 for ; Tue, 24 Apr 2001 05:45:12 -0700 (PDT) (envelope-from wash@everest.wananchi.com) Received: from wash by everest.wananchi.com with local (Exim 3.22 #2) id 14s2An-0004YF-00 for freebsd-stable@freebsd.org; Tue, 24 Apr 2001 15:44:05 +0300 Date: Tue, 24 Apr 2001 15:44:05 +0300 From: Odhiambo Washington To: FBSD-STABLE Subject: TCPD and a Perl Script Message-ID: <20010424154405.D14265@everest.wananchi.com> Mail-Followup-To: Odhiambo Washington , FBSD-STABLE Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="AkbCVLjbJ9qUtAXD" Content-Disposition: inline User-Agent: Mutt/1.2.5i X-Operating-System: FreeBSD everest.wananchi.com 4.3-STABLE FreeBSD 4.3-STABLE X-Mailer: Mutt http://www.mutt.org/ X-Location: Nairobi, KE, East Africa. X-Uptime: 3:30PM up 2 days, 9:37, 2 users, load averages: 0.05, 0.07, 0.07 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --AkbCVLjbJ9qUtAXD Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi All, I have a gloomy situation here. I have some perl script whose owners say must be wrapped and they give the following scenario as what I am supposed to do in Linux - but I want the script to run in FreeBSD! I am therefore writing to enlist the assistance of FreeBSD experts on this. It is important that this script is wrapped, as the owners say... I have to add the etc/services this line:=20 UnixMgmt 3830/tcp Then I have to wrap the thing this way in inetd.conf UnixMgmt stream tcp nowait root path/to/tcpd /path/to/script.pl Of course the instructions they gave are for a linux machine. But I am also assuming that there is a possibility of running the same in FreeBSD. So far this is what I have tried: Added the relevant line to /etc/services, then Added the appropriate line to /etc/inetd.conf, and because inetd has tcpwrapper support built in, I assumed that the service will be wrapped automatically. I must be wrong??? I edited /etc/hosts.allow: # allow only local network users to access UnixMgt service script.pl : 192.168.123.0/255.255.255.0 : allow script.pl : ALL : deny And then I gave a HUP to inetd. I then tested to see what my tcp filters are doing with something like everest# tcpdmatch script.pl 1.2.3.4 warning: script.pl: service possibly not wrapped client: address 1.2.3.4 server: process script.pl matched: /etc/hosts.allow line 48 option: allow access: granted =20 =2E..and as compared to a typical deamon.... =20 everest# tcpdmatch ntalkd 1.2.3.4 client: address 1.2.3.4 server: process ntalkd matched: /etc/hosts.allow line 35 option: allow access: granted =20 So seems that something still has to be done????=20 Someone SOS, please. TIA -Wash -- Odhiambo Washington Wananchi Online Ltd., wash@wananchi.com 1st Flr Loita Hse Tel: 254 2 313985 Loita Street., Fax: 254 2 313922 PO Box 10286, 00100-NAIROBI,KE. --AkbCVLjbJ9qUtAXD Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE65XUUn7LIsuxjem8RApn2AJ9vCFC0pmgchwlcLszfHR2V8GFggwCfaMOb 3qRYpC+tDn+HSi8aLQtmqpQ= =+fEU -----END PGP SIGNATURE----- --AkbCVLjbJ9qUtAXD-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message