Manual Pages for UNIX Darwin command on man hosts_access
MyWebUniversity

Manual Pages for UNIX Darwin command on man hosts_access

HOSTSACCESS(3) HOSTSACCESS(3)





NAME
       hostsaccess,  hostsctl,  requestinit,  requestset  - access control

       library


SYNOPSIS
       #include "tcpd.h"


       extern int allowseverity;
       extern int denyseverity;

       struct requestinfo *requestinit(request, key, value, ..., 0)
       struct requestinfo *request;

       struct requestinfo *requestset(request, key, value, ..., 0)
       struct requestinfo *request;

       int hostsaccess(request)
       struct requestinfo *request;

       int hostsctl(daemon, clientname, clientaddr, clientuser)
       char *daemon;
       char *clientname;
       char *clientaddr;
       char *clientuser;


DESCRIPTION
       The routines described in this  document  are  part  of  the  libwrap.a

       library.  They  implement  a  rule-based  access  control language with

       optional shell commands that are executed when a rule fires.

       requestinit() initializes a structure with information about a  client

       request.  requestset()  updates  an already initialized request struc-

       ture. Both functions take a variable-length list of key-value pairs and

       return  their first argument.  The argument lists are terminated with a

       zero key value. All string-valued arguments are  copied.  The  expected

       keys (and corresponding value types) are:

       RQFILE (int)
              The file descriptor associated with the request.


       RQCLIENTNAME (char *)

              The client host name.

       RQCLIENTADDR (char *)
              A printable representation of the client network address.

       RQCLIENTSIN (struct sockaddrin *)
              An  internal  representation  of  the client network address and
              port.  The contents of the structure are not copied.


       RQSERVERNAME (char *)

              The hostname associated with the server endpoint address.

       RQSERVERADDR (char *)
              A printable representation of the server endpoint address.

       RQSERVERSIN (struct sockaddrin *)
              An internal representation of the server  endpoint  address  and
              port.  The contents of the structure are not copied.

       RQDAEMON (char *)
              The name of the daemon process running on the server host.

       RQUSER (char *)
              The  name  of the user on whose behalf the client host makes the
              request.

       hostsaccess() consults the access  control  tables  described  in  the
       hostsaccess(5)  manual  page.   When  internal endpoint information is
       available, host names and client user names are looked  up  on  demand,
       using the request structure as a cache.  hostsaccess() returns zero if
       access should be denied.

       hostsctl() is a wrapper around the requestinit()  and  hostsaccess()
       routines  with  a perhaps more convenient interface (though it does not
       pass  on  enough  information  to  support  automated  client  username

       lookups).  The client host address, client host name and username argu-

       ments should contain valid data or STRINGUNKNOWN.  hostsctl() returns
       zero if access should be denied.

       The  allowseverity  and denyseverity variables determine how accepted
       and rejected requests may be logged.  They  must  be  provided  by  the
       caller and may be modified by rules in the access control tables.

DIAGNOSTICS       Problems are reported via the syslog daemon.


SEE ALSO
       hostsaccess(5),    format    of    the    access    control    tables.
       hostsoptions(5), optional extensions to the base language.

FILES       /etc/hosts.allow, /etc/hosts.deny, access control tables.


BUGS
       hostsaccess() uses the strtok() library function. This  may  interfere
       with other code that relies on strtok().

AUTHOR       Wietse Venema (wietse@wzv.win.tue.nl)
       Department of Mathematics and Computing Science
       Eindhoven University of Technology
       Den Dolech 2, P.O. Box 513,
       5600 MB Eindhoven, The Netherlands




                                                               HOSTSACCESS(3)



Contact us      |      About us      |      Term of use      |       Copyright © 2000-2019 MyWebUniversity.com ™