Home > Developer > Mobile Develop

Another access control mechanism TCP Wrappers

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

TCP Wrappers

In the previous article we introduced the Iptables,iptables is also an access control mechanism. Due to the iptables in the parameters too much, for beginners to fully grasp the iptables has a certain degree of difficulty. Therefore, here we introduce another simple access control mechanism, that is, TCP Wrappers.

TCP wrappers works primarily by parsing the header information of TCP and matching the rules in/etc/hosts.allow and/etc/hosts.deny to determine which hosts can access system services or resources.



TCP Wrappers Although the TCP protocol can filter the message, but not all TCP protocol packets TCP wrappers can be filtered out. Only a function library that is linked to a TCP wrappers (this library is called libwrap.so) can use TCP wrappers for packet filtering.

To see if a service is linked to the libwrap.so dynamic function library, use the following command to view it:

LDD $ (which service name) or LDD ' which service name '

For example: To see if the sshd service is linked to the libwrap.so service, you can use the following command:

LDD $ (which sshd) | grep ' LibWrap '


Of course, some services are not linked to this dynamic function library, TCP wrappers can also be matched to their processing. The reason is that the function library of TCP wrappers is compiled directly into the service or program. So some services also support TCP Wrappers.

To see if a function library for TCP wrappers is compiled directly into a program, use the following command:

String ' which service name ' | grep hosts

If the following two lines appear, the TCP Wrappers function library is compiled directly into a program.

/etc/hosts.allow

/etc/hosts.deny

These two files are the files that are used when the TCP Wrappers matches the rule, and the two files appear to indicate that the service supports TCP Wrappers.



This article is from the "Linux Learning path" blog, so be sure to keep this source http://xslwahaha.blog.51cto.com/4738972/1571793

Another access control mechanism TCP Wrappers

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More