HP-UX Internet Services Administrator's Guide (August 2003)
TCP Wrappers
Overview
Chapter 3 43
Overview
The Internet services server, inetd, allows a single process to wait for
multiple services instead of the single process waiting for each service.
When a connection is established with inetd for a service, inetd runs
the appropriate server specified in the /etc/inetd.conf file and waits
for other connections.
If you enable TCP wrappers, inetd runs a TCP wrapper daemon, tcpd,
instead of running the requested service directly. When a request for a
service is received, inetd invokes tcpd for the service. tcpd logs the
request and checks the access control files for a matching daemon-client
pair entry to either grant or deny access to the requested service. If
access is granted to the requested service, tcpd invokes the appropriate
server program.
You can define configuration parameters such as logging behavior, user
name lookups, and reverse look up failure behavior in the configuration
file /etc/tcpd.conf. tcpd reads the configuration file /etc/tcpd.conf
file for configuration parameters during runtime.
The wrappers program does not work with RPC services over TCP. These
services are registered as rpc or tcp in the /etc/inetd.conf file. The
only non-trivial service that is affected by this limitation is rexd used by
the on command.