[1070] in linux-security and linux-alert archive
Re: [linux-security] TCP Wrappers Syslogging
daemon@ATHENA.MIT.EDU (Wietse Venema)
Sun Aug 25 20:28:04 1996
From: wietse@wzv.win.tue.nl (Wietse Venema)
To: linux-security@tarsier.cv.nrao.edu
Date: Sun, 25 Aug 96 16:28:51 MET DST
Cc: wietse@wzv.win.tue.nl (Wietse Venema),
nborisov@calum.csclub.uwaterloo.ca (Nikita Borisov)
In-Reply-To: <199608092108.RAA05583@calum.csclub.uwaterloo.ca>; from "Nikita Borisov" at Aug 9, 96 5:08 pm
During my vacation, Nikita Borisov posted a patch to make tcpd log the
client host address in addition to the client host name. Unfortunately
this patch can break the virtual host support, since it uses the same
static buffer for the %H (server) and %h (client) expansions.
+#ifdef ALWAYS_IP_ADDR
+ static char host_and_ip[2 * STRING_LENGTH+2];
+#endif
...
+#ifdef ALWAYS_IP_ADDR
+ sprintf(host_and_ip, "%s [%s]", host->name, eval_hostaddr(host));
+ return host_and_ip;
+#else
return (host->name);
+#endif
Today, the easiest way to log both the client name and address is to
change the syslog calls in tcpd.c and refuse.c.
Configurable syslog messages and message tags (with %letter expansions)
are one of the items on the tcp wrapper TODO list.
Wietse