TCP wrappers are intended to provide wrapper daemons that can be installed without any changes to existing software. Most TCP/IP applications depend on the client/server model -- i.e., when a client requests a connection, a server process is started on the host. TCP wrappers work by interposing an additional layer, or wrapper, between client and server.

In the basic service, the wrapper simply logs the name of the client host and requested service, then hands this information over to the real daemon; it neither exchanges information with the client or server nor imposes overhead on the actual conversation between the two. Optional features may be enabled, including access control, client-user name lookups, and additional protection against hostname spoofing.

(The current version of the software, 7.6, can be obtained via FTP. See the Resources section below for the URL.)

Compilation

Many Unix flavors are supported by TCP wrappers, so you shouldn't have any trouble building from source. There are, however, a few decisions to make at compile time. Features, for example, can be turned on or off through definitions. Here is a list, with default values shown where appropriate:

STYLE = -DPROCESS_OPTIONS:	Enable language extensions. This is disabled by default.
FACILITY = LOG_MAIL:	Where do log records go? I prefer to set this to LOG_DAEMON so that everything goes to /var/log/daemon.
SEVERITY = LOG_INFO:	Indicates what level to give to the log message. The default, LOG_INFO, is fine.
HOSTS_ACCESS:	When compiled with this option, wrapper programs support a simple form of access control. Because this is the raison d'être of the suite, it's defined by default.
PARANOID:	When compiled with -DPARANOID, wrappers will always try to look up and double-check the client hostname, and will always refuse service in the case of a discrepancy between hostname and IP address. This is a reasonable policy for most systems. When compiled without -DPARANOID, wrappers still perform hostname lookup; however, where such lookups give conflicting results for hostname and IP address, hosts are not automatically rejected. They can be matched with the PARANOID wildcard in the access files, and a decision is made on whether or not to grant access.
DOT = -DAPPEND_DOT:	This appends a dot to every domain name -- transforming example.com into example.com. for instance. This is done because on many Unix systems 1234next » I like it! Email Print Share Slashdot Digg Stumble Reddit Newsvine Post a comment Your name: * E-mail: * The content of this field is kept private and will not be shown publicly. Subject: Comment: * Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> Lines and paragraphs break automatically. Incorrect please try again Try another Vision impaired Word challenge Help * Type both words below, separated by a space Security Check provided by reCAPTCHA. © 2008 Carnegie Mellon University, All rights reserved. peer-to-peer pasmith Kindle news: pricing, business models and ... source code? mulderjoe Cell phone gaming: In search of good mobile games jfruh The guts of the iPhone 3GS     Related content Creating vertical marquee in MS Silverlight Record installed .deb packages in a text file (Ubuntu/Debian) How to run fully-virtualized guests (HVM) with Xen 3.2 On Debian Lenny (x86_64) Using iSCSI On Debian Lenny (initiator and target) Making code review software tools help, not hinder Running an effective code review How to lead a code review Project Uncertainty? Insider Reveals Three Secrets for Success Cutting Costs & Exceeding Expectations – A Simple Seven Step Solution Linux command: Side by side diff Cartoon caption contest Enter your caption for this week's cartoon! The winner will receive a $25 Amazon gift card. Go now! Free books Essential JavaFX Get started building rich Web apps quickly with an introduction to the power of JavaFX key features -- scene node graphs, nodes as components, the coordinate system, layout options, colors and gradients, custom classes with inheritance, animation, binding, and event handlers.Enter now! The Nomadic Developer Consulting can be hugely rewarding, but it's easy to fail if you are unprepared. To succeed, you need a mentor who knows the lay of the land. Aaron Erickson is your mentor, and this is your guidebook. Enter now! View all » Webcasts Introduction to Intuit QuickBooks Enterprise Solutions How to Reduce Eclipse BIRT Development Effort for Data Visualizations Legacy IT Modernization - Practical Reality View all » White papers Riverbed Raises the Ante Again in WAN Optimization with RiOS 5.0 The 2009 Handbook of Application Delivery How to Address the Two Key Challenges with Virtualization The most Popular Recent IT Jobs How to hack your Prius Toyota's high-tech hybrid has a host of electronic hooks that you can fiddle with. These videos demonstrate how to turn your car into a true plug-in hybrid of the sort not yet available in showrooms; put the dashboard computer into diagnostic mode and muck around in its guts; or, if you're feeling really ambitious, control the car's drive-by-wire steering wheel from your laptop. Continue... Photo by vernieman DIY Netbook Linux How to Buy a Desktop-Replacement Laptop How to design a good API Getting executive buy-in for disaster preparedness Add Internet Search Shortcuts to Windows 7 Explorer Featured Sponsor Case Study: AISO grows its "green" business AISO founders envisioned a Web hosting company that was environmentally friendly. While the company employed energy-efficient innovations like solar panels, its infrastructure produced unacceptable power and cooling requirements. Find out how AISO leveraged AMD technology to overcome their challenge in this case study white paper. Download this white paper » Myth of the Million Dollar Database In this whitepaper, Scalar explores the opportunity to change the landscape with respect to mission critical databases built around Oracle. Leveraging technologies such as Linux, high-end commodity processing power and Oracle RAC technology to architect, design, build and maintain database infrastructure that delivers maximum availability, reliability and performance at a fraction of traditional cost. Download this white paper » Success Story: Weather.com handles whatever nature serves up On a typical day, weather.com, the Web site for The Weather Channel in Atlanta, serves up between 15 million and 20 million page views. But in September 2004, when back-to-back hurricanes ransacked Florida, the peak traffic on one day more than tripled: over 70 million page views by more than 7 million unique visitors. Read the full success story now. Download this white paper » Marketplace Sponsored links 10,000+ CUSTOMERS RELY ON THE SUNGARD DIFFERENCE. DISCOVER WHY. HP StorageWorks products-control, consolidation and confidence. The end of phone tag. Sprint Mobile Integration. 64-page prescriptive guide to security, compliance, and IT operations. Use SaaS to Reduce Cost of Email Security - Find Out How Try the best rules engine free! Decisions.FICO.com Learn More from Boston University online Master of Science in CIS Network Tools Made By Engineers for Engineers Get agile IT security with CA Security Management Keep online transactions fast with CA Wily APM Payback in 9 months with CA Spectrum solutions ITwhitepapers.com - Access thousands of whitepapers on 300+ technical topics. Free Exchange webinar from Microsoft and Double-Take Software Top 5 Reasons Application Performance and Network Security Go Together About Us :: Advertise :: Contacts :: Privacy Policy :: Sitemap :: Submission Guidelines :: Submit an Article :: Terms of Service :: © 2009 ITworld. All rights reserved. The IDG Network CIO :: Computerworld :: CSO :: GamePro :: Games.net :: Industry Standard :: InfoWorld :: ITworld :: JavaWorld :: LinuxWorld :: MacUser :: Macworld :: Network World :: PC World :: Playlist DEMO :: IDG Connect :: IDG Knowledge Hub :: IDG Tech Network :: IDG World Expo