Difference between revisions of "TCP Wrappers"

From CBLFS
Jump to navigationJump to search
(Intro)
Line 2: Line 2:
 
|-valign="top"
 
|-valign="top"
 
!Download Source:
 
!Download Source:
| ftp://ftp.porcupine.org/pub/security/tcp_wrappers_{{TCP_Wrappers-Version}}.tar.gz
+
| http://ftp.coe.psu.ac.th/debian-ipv6/pool/ipv6/tcp-wrappers/tcp-wrappers_{{TCP_Wrappers-Version}}.orig.tar.gz
 
|-valign="top"
 
|-valign="top"
 
!Download Patch:
 
!Download Patch:
| http://svn.cross-lfs.org/svn/repos/patches/tcp_wrappers/tcp_wrappers-{{TCP_Wrappers-Version}}-shared_lib_plus_plus-1.patch
+
| http://ftp.coe.psu.ac.th/debian-ipv6/pool/ipv6/tcp-wrappers/tcp-wrappers_{{TCP_Wrappers-Version}}.diff.gz
 
|-
 
|-
 
|}
 
|}
Line 11: Line 11:
 
----
 
----
  
{{Package-Introduction|TCP Wrapper is a host-based network ACL system, used to filter network access to Internet protocol services run on Unix-like operating systems.|ftp://ftp.porcupine.org/pub/security/index.html}}
+
{{Package-Introduction|TCP Wrapper is a host-based network ACL system, used to filter network access to Internet protocol services run on Unix-like operating systems.|ftp://ftp.porcupine.org/pub/security/index.html.  Updated to support ipv6 through debian port.}}
  
 
== Configuration Information ==
 
== Configuration Information ==
Line 17: Line 17:
 
{{Note|TCP Wrapper does use DESTDIR. However, it fails to create the necessary directories for it and so <i>make install</i> fails when using DESTDIR. You need to create the necessary directories prior to installation.}}
 
{{Note|TCP Wrapper does use DESTDIR. However, it fails to create the necessary directories for it and so <i>make install</i> fails when using DESTDIR. You need to create the necessary directories prior to installation.}}
  
 +
install -dv <DESTDIR>/lib (or lib{32} or lib{64})
 
  install -dv <DESTDIR>/usr/include
 
  install -dv <DESTDIR>/usr/include
 
  install -dv <DESTDIR>/usr/lib (or lib{32} or lib{64})
 
  install -dv <DESTDIR>/usr/lib (or lib{32} or lib{64})
Line 26: Line 27:
 
Configure and compile the package:
 
Configure and compile the package:
  
  patch -Np1 -i ../tcp_wrappers-{{TCP_Wrappers-Version}}-shared_lib_plus_plus-1.patch &&
+
  gzip -dc ../tcp_wrappers-{{TCP_Wrappers-Version}}.patch.gz | patch -Np1 &&
 
  sed -i "s,^extern char \*malloc();,/* & */," scaffold.c &&
 
  sed -i "s,^extern char \*malloc();,/* & */," scaffold.c &&
 
  make REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux  
 
  make REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux  
Line 40: Line 41:
 
Configure and compile the package:
 
Configure and compile the package:
  
  patch -Np1 -i ../tcp_wrappers-{{TCP_Wrappers-Version}}-shared_lib_plus_plus-1.patch &&
+
  gzip -dc ../tcp_wrappers-{{TCP_Wrappers-Version}}.patch.gz | patch -Np1 &&
 
  sed -i "s,^extern char \*malloc();,/* & */," scaffold.c &&
 
  sed -i "s,^extern char \*malloc();,/* & */," scaffold.c &&
 
  make CC="gcc ${BUILD32}" REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux  
 
  make CC="gcc ${BUILD32}" REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux  
Line 52: Line 53:
 
Configure and compile the package:
 
Configure and compile the package:
  
  patch -Np1 -i ../tcp_wrappers-{{TCP_Wrappers-Version}}-shared_lib_plus_plus-1.patch &&
+
  gzip -dc ../tcp_wrappers-{{TCP_Wrappers-Version}}.patch.gz | patch -Np1 &&
 
  sed -i "s,^extern char \*malloc();,/* & */," scaffold.c &&
 
  sed -i "s,^extern char \*malloc();,/* & */," scaffold.c &&
 
  sed -i -e "s@/lib/@/lib32/@g" Makefile &&
 
  sed -i -e "s@/lib/@/lib32/@g" Makefile &&
Line 65: Line 66:
 
Configure and compile the package:
 
Configure and compile the package:
  
  patch -Np1 -i ../tcp_wrappers-{{TCP_Wrappers-Version}}-shared_lib_plus_plus-1.patch &&
+
  gzip -dc ../tcp_wrappers-{{TCP_Wrappers-Version}}.patch.gz | patch -Np1 &&
 
  sed -i "s,^extern char \*malloc();,/* & */," scaffold.c &&
 
  sed -i "s,^extern char \*malloc();,/* & */," scaffold.c &&
 
  sed -i -e "s@/lib/@/lib64/@g" Makefile &&
 
  sed -i -e "s@/lib/@/lib64/@g" Makefile &&

Revision as of 05:01, 17 September 2008

Download Source: http://ftp.coe.psu.ac.th/debian-ipv6/pool/ipv6/tcp-wrappers/tcp-wrappers_7.6-ipv6.1.orig.tar.gz
Download Patch: http://ftp.coe.psu.ac.th/debian-ipv6/pool/ipv6/tcp-wrappers/tcp-wrappers_7.6-ipv6.1.diff.gz

Introduction to TCP Wrappers

TCP Wrapper is a host-based network ACL system, used to filter network access to Internet protocol services run on Unix-like operating systems.

Project Homepage: ftp://ftp.porcupine.org/pub/security/index.html. Updated to support ipv6 through debian port.

Configuration Information

Caution.png

Note

TCP Wrapper does use DESTDIR. However, it fails to create the necessary directories for it and so make install fails when using DESTDIR. You need to create the necessary directories prior to installation.
install -dv <DESTDIR>/lib (or lib{32} or lib{64})
install -dv <DESTDIR>/usr/include
install -dv <DESTDIR>/usr/lib (or lib{32} or lib{64})
install -dv <DESTDIR>/usr/sbin
install -dv <DESTDIR>/usr/share/man/man{3,5,8}

Non-Multilib

Configure and compile the package:

gzip -dc ../tcp_wrappers-7.6-ipv6.1.patch.gz | patch -Np1 &&
sed -i "s,^extern char \*malloc();,/* & */," scaffold.c &&
make REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux 

Install the package:

make install

Multilib

32Bit

Configure and compile the package:

gzip -dc ../tcp_wrappers-7.6-ipv6.1.patch.gz | patch -Np1 &&
sed -i "s,^extern char \*malloc();,/* & */," scaffold.c &&
make CC="gcc ${BUILD32}" REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux 

Install the package:

make install

N32

Configure and compile the package:

gzip -dc ../tcp_wrappers-7.6-ipv6.1.patch.gz | patch -Np1 &&
sed -i "s,^extern char \*malloc();,/* & */," scaffold.c &&
sed -i -e "s@/lib/@/lib32/@g" Makefile &&
make CC="gcc ${BUILDN32}" REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux 

Install the package:

make install

64Bit

Configure and compile the package:

gzip -dc ../tcp_wrappers-7.6-ipv6.1.patch.gz | patch -Np1 &&
sed -i "s,^extern char \*malloc();,/* & */," scaffold.c &&
sed -i -e "s@/lib/@/lib64/@g" Makefile &&
make CC="gcc ${BUILD64}" REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux 

Install the package:

make install

Contents

Installed Programs: tcpd, tcpdchk, tcpdmatch, try-from, and safe_finger
Installed Libraries: libwrap.{so,a}
Installed Directories: None

Short Descriptions

tcpd is the main access control daemon for all Internet services, which inetd or xinetd will run instead of running the requested service daemon.
tcpdchk is a tool to examine a tcpd wrapper configuration and report problems with it.
tcpdmatch is used to predict how the TCP wrapper would handle a specific request for a service.
try-from can be called via a remote shell command to find out if the host name and address are properly recognized.
safe_finger is a wrapper for the finger utility, to provide automatic reverse name lookups.
libwrap.{so,a} contains the API functions required by the TCP Wrapper programs as well as other programs to become “TCP Wrapper-aware”.