*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->FreeBSD man pages -> request_init (3)              
Title
Content
Arch
Section
 

HOSTS_ACCESS(3)

Contents


NAME    [Toc]    [Back]

       hosts_access,  hosts_ctl,  request_init,  request_set  - access control
       library

SYNOPSIS    [Toc]    [Back]

       #include "tcpd.h"

       extern int allow_severity;
       extern int deny_severity;

       struct request_info *request_init(request, key, value, ..., 0)
       struct request_info *request;

       struct request_info *request_set(request, key, value, ..., 0)
       struct request_info *request;

       int hosts_access(request)
       struct request_info *request;

       int hosts_ctl(daemon, client_name, client_addr, client_user)
       char *daemon;
       char *client_name;
       char *client_addr;
       char *client_user;

DESCRIPTION    [Toc]    [Back]

       The routines described in this  document  are  part  of	the  libwrap.a
       library.  They  implement  a  rule-based  access  control language with
       optional shell commands that are executed when a rule fires.

       request_init() initializes a structure with information about a	client
       request.  request_set()	updates  an already initialized request structure.
 Both functions take a variable-length list of key-value pairs and
       return  their first argument.  The argument lists are terminated with a
       zero key value. All string-valued arguments are	copied.  The  expected
       keys (and corresponding value types) are:

       RQ_FILE (int)
	      The file descriptor associated with the request.

       RQ_CLIENT_NAME (char *)
	      The client host name.

       RQ_CLIENT_ADDR (char *)
	      A printable representation of the client network address.

       RQ_CLIENT_SIN (struct sockaddr_in *)
	      An  internal  representation  of	the client network address and
	      port.  The contents of the structure are not copied.

       RQ_SERVER_NAME (char *)
	      The hostname associated with the server endpoint address.

       RQ_SERVER_ADDR (char *)
	      A printable representation of the server endpoint address.

       RQ_SERVER_SIN (struct sockaddr_in *)
	      An internal representation of the server	endpoint  address  and
	      port.  The contents of the structure are not copied.

       RQ_DAEMON (char *)
	      The name of the daemon process running on the server host.

       RQ_USER (char *)
	      The  name  of the user on whose behalf the client host makes the
	      request.

       hosts_access() consults the access  control  tables  described  in  the
       hosts_access(5)	manual	page.	When  internal endpoint information is
       available, host names and client user names are looked  up  on  demand,
       using the request structure as a cache.	hosts_access() returns zero if
       access should be denied.

       hosts_ctl() is a wrapper around the request_init()  and	hosts_access()
       routines  with  a perhaps more convenient interface (though it does not
       pass  on  enough  information  to  support  automated  client  username
       lookups).  The client host address, client host name and username arguments
 should contain valid data or STRING_UNKNOWN.  hosts_ctl() returns
       zero if access should be denied.

       The  allow_severity  and deny_severity variables determine how accepted
       and rejected requests may be logged.  They  must  be  provided  by  the
       caller and may be modified by rules in the access control tables.

DIAGNOSTICS    [Toc]    [Back]

       Problems are reported via the syslog daemon.

SEE ALSO    [Toc]    [Back]

      
      
       hosts_access(5),    format    of    the	  access    control    tables.
       hosts_options(5), optional extensions to the base language.

FILES    [Toc]    [Back]

       /etc/hosts.allow, /etc/hosts.deny, access control tables.

BUGS    [Toc]    [Back]

       hosts_access() uses the strtok() library function. This	may  interfere
       with other code that relies on strtok().

AUTHOR    [Toc]    [Back]

       Wietse Venema (wietse@wzv.win.tue.nl)
       Department of Mathematics and Computing Science
       Eindhoven University of Technology
       Den Dolech 2, P.O. Box 513,
       5600 MB Eindhoven, The Netherlands




							       HOSTS_ACCESS(3)
[ Back ]
 Similar pages
Name OS Title
hosts_ctl OpenBSD tcp wrapper access control library
request_set OpenBSD tcp wrapper access control library
request_init OpenBSD tcp wrapper access control library
hosts_access OpenBSD tcp wrapper access control library
mac FreeBSD Mandatory Access Control
acl IRIX Access Control Lists
acl Tru64 Access control list
XSecurity Tru64 X display access control
Xsecurity Tru64 X display access control
Xsecurity IRIX X display access control
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service