tcpd.conf(4)tcpd.conf(4)NAMEtcpd.conf - configuration file for tcpd
DESCRIPTION
When invokes for a service, it will read and perform access control
checks (see tcpd(1M)).
Each line in the file is treated either as a comment or as configura‐
tion information. Commented lines begin with Uncommented lines contain
two required fields, key and value. The fields are separated by tabs
and/or spaces. A line can be continued if it terminates with a back‐
slash
The following are the configuration parameters:
The RFC931 username lookup can be enabled or disabled through
this parameter. Value for n specifies the time-out value (in
seconds), to be used while getting the username information from
the client.
A value of zero for n disables the rfc931 feature.
The default configuration of this disables the rfc931 feature
with n value equal to 0.
The maximum value to which n can be set is 30 seconds.
This parameter determines whether should allow or deny the con‐
nection request on reverse lookup failure.
In both the cases, will log the event of reverse lookup failure,
but in the case, it will reject the connection request just
after reverse lookup failure. In the case, the hostname can be
matched with the PARANOID wildcard (see hosts_options(5)) in
access control files and
The default value for this is
This parameter determines the level at which should log the
information using A value of will cause the TCP Wrappers daemon
(see tcpd(1M)), to log the ACLs information such as with which
entry the client request is matched and this entry's related
options.
The default value for this entry is in which case will only log
the connection details about refusal or acceptance of the con‐
nection in the form of `connection from abc@xyz_host'.
Processing Invalid and Multiple Entries
processes invalid and multiple entries in the following ways:
· An invalid entry for a configuration parameter is ignored. Instead,
the default value for the configuration parameter will be used. For
example, the following invalid entry for log_level will be replaced
by the use of normal.
will be treated as:
· If multiple entries for a configuration parameter are specified,
only the last occurring entry is processed and the rest are ignored.
For example, in the following two entries for the last value of 25
is used for that parameter.
EXAMPLES
To set the a 25 seconds time-out value for RFC931 user name lookup:
To disable the RFC931 user name lookup:
To make to allow a host on reverse lookup failure and process that host
as in ACLs:
To set the extended logging option:
AUTHOR
was developed by the Hewlett-Packard.
SEE ALSOinetd(1M), tcpd(1M).
tcpd.conf(4)