TCP Wrappers Release Notes
What’s in This Version
TCP Wrapper Features
Chapter 112
tcpdchk examines the tcp wrapper configuration and reports all
potential and real problems it can encounter. The program examines
the tcpd access control files (by default, these are /etc/hosts.allow and
/etc/hosts.deny), and compares the entries in these files against the
entries in the /etc/inetd.conf file.
This is executed on the command line as:
/usr/bin/tcpdchk [-a] [-d] [-i inet_conf] [-v]
Where
“-a” option is used to report access control rules that grant access
without an explicit ALLOW keyword.
“-d” option is used to examine the hosts.allow and hosts.deny files in
the current directory instead of the default ones.
“-i inet_conf” option is used, if you want to specify a different path for
the inetd configuration file instead of the default one, i.e.
/etc/inetd.conf.
“-v” option is used to display the contents of each access control rule.
The daemon lists, client lists, shell commands, and options are
shown in a printable format; this helps you spot any discrepancies
between what you want and what this program understands.
NOTE Refer to the tcpdchk(1) man page for more information.
• tcpdmatch
tcpdmatch is a tool that can be used to simulate the Wrappers
daemon program, tcpd’s behaviour for a particular host and a
particular service.
tcpdmatch predicts how the tcp wrapper daemon would handle a
specific service request.The program examines the tcpd access
control tables (default /etc/hosts.allow and /etc/hosts.deny) and prints
its conclusion. For maximum accuracy, it extracts additional
information from the /etc/inetd.conf file.
This is executed on the command line as:
/usr/bin/tcpdmatch [-d] [-i inet_conf] daemon client