Difference between revisions of "TCP Wrappers"
From CBLFS
Jump to navigationJump to searchDevilsclaw (talk | contribs) m |
|||
(21 intermediate revisions by 8 users not shown) | |||
Line 1: | Line 1: | ||
{| style="text-align: left; background-color: AliceBlue;" | {| style="text-align: left; background-color: AliceBlue;" | ||
− | |- | + | |-valign="top" |
!Download Source: | !Download Source: | ||
− | | | + | | http://ftp.uni-erlangen.de/debian-ipv6/pool/ipv6/tcp-wrappers/tcp-wrappers_{{TCP_Wrappers-Version}}.orig.tar.gz |
− | |- | + | |-valign="top" |
!Download Patch: | !Download Patch: | ||
− | | http:// | + | | http://svn.cross-lfs.org/svn/repos/patches/tcp_wrappers/tcp_wrappers-{{TCP_Wrappers-Version2}}-ipv6-1.patch |
|- | |- | ||
|} | |} | ||
Line 11: | Line 11: | ||
---- | ---- | ||
− | == | + | {{Package-Introduction|TCP Wrapper is a host-based network ACL system, used to filter network access to Internet protocol services run on Unix-like operating systems.|ftp://ftp.porcupine.org/pub/security/index.html. Updated to support ipv6 through debian port.}} |
+ | |||
+ | == Configuration Information == | ||
+ | |||
+ | {{Note|TCP Wrapper does use DESTDIR. However, it fails to create the necessary directories for it and so <i>make install</i> fails when using DESTDIR. You need to create the necessary directories prior to installation.}} | ||
+ | |||
+ | install -dv <DESTDIR>/lib (or lib{32} or lib{64}) | ||
+ | install -dv <DESTDIR>/usr/include | ||
+ | install -dv <DESTDIR>/usr/lib (or lib{32} or lib{64}) | ||
+ | install -dv <DESTDIR>/usr/sbin | ||
+ | install -dv <DESTDIR>/usr/share/man/man{3,5,8} | ||
== Non-Multilib == | == Non-Multilib == | ||
Line 17: | Line 27: | ||
Configure and compile the package: | Configure and compile the package: | ||
− | patch -Np1 -i ../tcp_wrappers- | + | patch -Np1 -i ../tcp_wrappers-{{TCP_Wrappers-Version2}}-ipv6-1.patch && |
sed -i "s,^extern char \*malloc();,/* & */," scaffold.c && | sed -i "s,^extern char \*malloc();,/* & */," scaffold.c && | ||
+ | sed -i "s/ln -s/ln -sf/" Makefile && | ||
make REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux | make REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux | ||
Line 31: | Line 42: | ||
Configure and compile the package: | Configure and compile the package: | ||
− | patch -Np1 -i ../tcp_wrappers- | + | patch -Np1 -i ../tcp_wrappers-{{TCP_Wrappers-Version2}}-ipv6-1.patch && |
sed -i "s,^extern char \*malloc();,/* & */," scaffold.c && | sed -i "s,^extern char \*malloc();,/* & */," scaffold.c && | ||
+ | sed -i "s/ln -s/ln -sf/" Makefile && | ||
make CC="gcc ${BUILD32}" REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux | make CC="gcc ${BUILD32}" REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux | ||
Line 43: | Line 55: | ||
Configure and compile the package: | Configure and compile the package: | ||
− | patch -Np1 -i ../tcp_wrappers- | + | patch -Np1 -i ../tcp_wrappers-{{TCP_Wrappers-Version2}}-ipv6-1.patch && |
sed -i "s,^extern char \*malloc();,/* & */," scaffold.c && | sed -i "s,^extern char \*malloc();,/* & */," scaffold.c && | ||
sed -i -e "s@/lib/@/lib32/@g" Makefile && | sed -i -e "s@/lib/@/lib32/@g" Makefile && | ||
+ | sed -i "s/ln -s/ln -sf/" Makefile && | ||
make CC="gcc ${BUILDN32}" REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux | make CC="gcc ${BUILDN32}" REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux | ||
Line 56: | Line 69: | ||
Configure and compile the package: | Configure and compile the package: | ||
− | patch -Np1 -i ../tcp_wrappers- | + | patch -Np1 -i ../tcp_wrappers-{{TCP_Wrappers-Version2}}-ipv6-1.patch && |
sed -i "s,^extern char \*malloc();,/* & */," scaffold.c && | sed -i "s,^extern char \*malloc();,/* & */," scaffold.c && | ||
sed -i -e "s@/lib/@/lib64/@g" Makefile && | sed -i -e "s@/lib/@/lib64/@g" Makefile && | ||
+ | sed -i "s/ln -s/ln -sf/" Makefile && | ||
make CC="gcc ${BUILD64}" REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux | make CC="gcc ${BUILD64}" REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux | ||
Line 64: | Line 78: | ||
make install | make install | ||
+ | |||
+ | = Contents = | ||
+ | |||
+ | {| style="text-align: left;" | ||
+ | |-valign="top" | ||
+ | ! Installed Programs: | ||
+ | | tcpd, tcpdchk, tcpdmatch, try-from, and safe_finger | ||
+ | |-valign="top" | ||
+ | ! Installed Libraries: | ||
+ | | libwrap.{so,a} | ||
+ | |-valign="top" | ||
+ | ! Installed Directories: | ||
+ | | None | ||
+ | |} | ||
+ | |||
+ | === Short Descriptions === | ||
+ | |||
+ | {| style="text-align: left;" | ||
+ | |-valign="top" | ||
+ | ! tcpd | ||
+ | | is the main access control daemon for all Internet services, which '''inetd''' or '''xinetd''' will run instead of running the requested service daemon. | ||
+ | |-valign="top" | ||
+ | ! tcpdchk | ||
+ | | is a tool to examine a '''tcpd''' wrapper configuration and report problems with it. | ||
+ | |-valign="top" | ||
+ | ! tcpdmatch | ||
+ | | is used to predict how the TCP wrapper would handle a specific request for a service. | ||
+ | |-valign="top" | ||
+ | ! try-from | ||
+ | | can be called via a remote shell command to find out if the host name and address are properly recognized. | ||
+ | |-valign="top" | ||
+ | ! safe_finger | ||
+ | | is a wrapper for the '''finger''' utility, to provide automatic reverse name lookups. | ||
+ | |-valign="top" | ||
+ | ! libwrap.{so,a} | ||
+ | | contains the API functions required by the TCP Wrapper programs as well as other programs to become “TCP Wrapper-aware”. | ||
+ | |} | ||
+ | |||
+ | [[Category:General Libs]] |
Latest revision as of 18:27, 19 August 2009
Contents
Introduction to TCP Wrappers
TCP Wrapper is a host-based network ACL system, used to filter network access to Internet protocol services run on Unix-like operating systems.
Project Homepage: ftp://ftp.porcupine.org/pub/security/index.html. Updated to support ipv6 through debian port.
Configuration Information
TCP Wrapper does use DESTDIR. However, it fails to create the necessary directories for it and so make install fails when using DESTDIR. You need to create the necessary directories prior to installation.
install -dv <DESTDIR>/lib (or lib{32} or lib{64}) install -dv <DESTDIR>/usr/include install -dv <DESTDIR>/usr/lib (or lib{32} or lib{64}) install -dv <DESTDIR>/usr/sbin install -dv <DESTDIR>/usr/share/man/man{3,5,8}
Non-Multilib
Configure and compile the package:
patch -Np1 -i ../tcp_wrappers-7.6-ipv6-1.patch && sed -i "s,^extern char \*malloc();,/* & */," scaffold.c && sed -i "s/ln -s/ln -sf/" Makefile && make REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux
Install the package:
make install
Multilib
32Bit
Configure and compile the package:
patch -Np1 -i ../tcp_wrappers-7.6-ipv6-1.patch && sed -i "s,^extern char \*malloc();,/* & */," scaffold.c && sed -i "s/ln -s/ln -sf/" Makefile && make CC="gcc ${BUILD32}" REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux
Install the package:
make install
N32
Configure and compile the package:
patch -Np1 -i ../tcp_wrappers-7.6-ipv6-1.patch && sed -i "s,^extern char \*malloc();,/* & */," scaffold.c && sed -i -e "s@/lib/@/lib32/@g" Makefile && sed -i "s/ln -s/ln -sf/" Makefile && make CC="gcc ${BUILDN32}" REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux
Install the package:
make install
64Bit
Configure and compile the package:
patch -Np1 -i ../tcp_wrappers-7.6-ipv6-1.patch && sed -i "s,^extern char \*malloc();,/* & */," scaffold.c && sed -i -e "s@/lib/@/lib64/@g" Makefile && sed -i "s/ln -s/ln -sf/" Makefile && make CC="gcc ${BUILD64}" REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux
Install the package:
make install
Contents
Installed Programs: | tcpd, tcpdchk, tcpdmatch, try-from, and safe_finger |
---|---|
Installed Libraries: | libwrap.{so,a} |
Installed Directories: | None |
Short Descriptions
tcpd | is the main access control daemon for all Internet services, which inetd or xinetd will run instead of running the requested service daemon. |
---|---|
tcpdchk | is a tool to examine a tcpd wrapper configuration and report problems with it. |
tcpdmatch | is used to predict how the TCP wrapper would handle a specific request for a service. |
try-from | can be called via a remote shell command to find out if the host name and address are properly recognized. |
safe_finger | is a wrapper for the finger utility, to provide automatic reverse name lookups. |
libwrap.{so,a} | contains the API functions required by the TCP Wrapper programs as well as other programs to become “TCP Wrapper-aware”. |