From: Donovan, Jeffrey \(Jeff\), WCS (jmd@att.com)
Date: Fri Mar 17 2006 - 16:43:29 EST
This organization is great! Got an answer in about 15 minutes.
Thanks to:
Richard Butler
Chris Barnard
Casper Dik
Erek Adams
Chris and Richard had the easiest solution:
You can do it with the tcpwrapper extensions - that is you put lines
like below into hosts.allow:
ALL: 10.0. : severity local2.notice: ALLOW
ALL: ALL: severity local2.warning: DENY
and set syslog.conf for where to log local2
or along the same lines:
In your hosts.allow and/or hosts.deny files, you add a third entry that
is the syslog level.
[ onboard2qa-n!/root ] >> more /etc/hosts.deny
ALL: ALL: severity LOCAL3.notice
Then in your syslog.conf file you do
local3.info /var/log/tcpd.log
HUP syslog.
voila. tcp entries are logged in /var/log/tcpd.log
Thanks to all who responded.
Jeff Donovan
Infrastructure Design
________________________________
From: Donovan, Jeffrey (Jeff), WCS
Sent: Friday, March 17, 2006 12:33 PM
To: 'sunmanagers@sunmanagers.org'
Subject: Solaris 10 tcp wrappers with syslog
Hi,
Does anyone know the entry to syslog.conf to capture tcp wrapper
information into a log file with the bundled version in Solaris 10? We
used to use a shareware version and added the following to syslog.conf
because it was compiled that way:
local2.notice /var/opt/tcpw/logs/tcpd.log
This doesn't work for the Solaris 10 version. SSH is configurable in the
sshd_config file but I can't any info for tcp wrappers.
Any help would be appreciated.
Thanks
Jeff Donovan
Infrastructure Design
[demime 1.01b removed an attachment of type image/jpeg which had a name of image001.jpg]
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:39:19 EDT