/usr/share/doc/libwrap0/README.Debian is in libwrap0 7.6.q-25.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 | tcp_wrappers for Debian
-----------------------
Extensions:
-----------
There are a number of Debian specific changes to TCP wrappers:
* libwrap.so.0 is available for dynamic linking.
* You can blacklist a whole bunch of hosts at once by specifying a
file that contains a list of those hosts instead of just naming
a host. See the hosts_access(5) manpage.
* You can allow or disallow access to a service depending on the
exit status of a program. See the hosts_access(5) manpage.
* CIDR support in hosts_access(5) functions.
* %r and %R parameters in hosts_access(5) functions.
* Servers can be matched by port number other than by process name.
* IPv6 support.
Library versioning:
-------------------
TCP wrappers isn't distributed as a shared library upstream, so the
versioning scheme used for TCP wrappers may not match Linux's library
versioning scheme. Hence, libwrap has a soname of libwrap0 (version 7.6),
instead of libwrap7 (version 6).
Build options:
--------------
STYLE = "-DPROCESS_OPTIONS -DACLEXEC"
Debian TCP Wrappers use the extended syntax for /etc/hosts.allow
and /etc/hosts.deny. This particularly affects spawning other
commands on connections, see the hosts_options(5) manpage for
more details.
FACILITY = LOG_DAEMON
SEVERITY = LOG_INFO
TCP Wrappers logs as daemon.info (rather than mail.info).
BUGS =
Linux has no bugs. :)
VSYSLOG =
libc6 has vsyslog built in.
UMASK = -DDAEMON_UMASK=022
NETGROUP = -DNETGROUP
RFC931_TIMEOUT = 10
ACCESS = -DHOSTS_ACCESS
TABLES = -DHOSTS_DENY=\"/etc/hosts.deny\" -DHOSTS_ALLOW=\"/etc/hosts.al
low\"
KILL_OPT = -DKILL_IP_OPTIONS
EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -DHAVE_STRERROR -DHAVE_WEAKSYMS -DINET6=1 -Dss_family=__ss_family -Dss_len=__ss_len"
The options ALWAYS_RFC931, ALWAYS_HOSTNAME and PARANOID have not been
enabled because these features can be enabled at runtime. The option
APPEND_DOT is not enabled because of compatibility reasons.
|