Problems getting tcp wrappers to work in Solaris
hi, I am running out of ideas how to get syslog-ng to work properly with tcp wrappers. For hosts.deny: ALL: PARANOID ALL: ALL For hosts.allow: syslogng : 1.2.3.4 syslog-ng : 1.2.3.4 I have not been successful getting syslog-ng to refuse logging data from other hosts in my test lab. Can someone pass along the format required for properly implementing tcp wrappers for syslog-ng? Thanks, Jason
Jason Buchanan writes:
Can someone pass along the format required for properly implementing tcp wrappers for syslog-ng?
I do this : in hosts.deny: syslog-ng: ALL EXCEPT 1.2.3.4 And I don't have a hosts.allow file. However, the example you posted looked OK - it's possible there's something else wrong. Have you tried strace/ktrace/truss as appropriate for your platform and see if syslog-ng is actually searching for / reading in /etc/hosts.allow and hosts.deny?
On Wed, Dec 18, 2002 at 11:11:38PM -0500, Ed Ravin wrote:
Jason Buchanan writes:
Can someone pass along the format required for properly implementing tcp wrappers for syslog-ng?
I do this :
in hosts.deny:
syslog-ng: ALL EXCEPT 1.2.3.4
And I don't have a hosts.allow file.
However, the example you posted looked OK - it's possible there's something else wrong. Have you tried strace/ktrace/truss as appropriate for your platform and see if syslog-ng is actually searching for / reading in /etc/hosts.allow and hosts.deny?
Have you configured syslog-ng to actually use TCP wrappers? Hint: check your './configure' output. -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
Balazs Scheidler wrote:
On Wed, Dec 18, 2002 at 11:11:38PM -0500, Ed Ravin wrote:
Jason Buchanan writes:
Can someone pass along the format required for properly implementing tcp wrappers for syslog-ng?
I do this :
in hosts.deny:
syslog-ng: ALL EXCEPT 1.2.3.4
And I don't have a hosts.allow file.
However, the example you posted looked OK - it's possible there's something else wrong. Have you tried strace/ktrace/truss as appropriate for your platform and see if syslog-ng is actually searching for / reading in /etc/hosts.allow and hosts.deny?
Have you configured syslog-ng to actually use TCP wrappers? Hint: check your './configure' output.
configure doesn't seem to work real well. I have tcpd.h in /usr/local/include but configure doesn't find it. I make a symlink so configure could find it in /usr/include but that didn't work either. So I copied libwrap.a to /usr/lib but it still wasn't finding hosts_access in the library, even though I rebuilt tcp wrappers from a freshly-extracted archive. Is there a different tcp wrappers distribution that I should use? This is for Solaris 8. Thanks! Sorry for the long quote - hopefully it will help anyone else who missed the first part of the thread.
participants (3)
-
Balazs Scheidler
-
Ed Ravin
-
Jason Buchanan