On Thu, Jan 07, 1999 at 04:56:32PM -0600, Alexander Kushnirenko wrote: > Hi, > > Thanks for the comments, But would wrapping Apache do any good? AFAIK > wrapping works only when daemon starts and Apache is sort of always on?
I would not suggest running a web server from inetd. If the web server persists after the first connection, that is fine, but you are correct in that this behavior excludes using tcpd. It does not exclude having libwrap built in to the daemon and I'm not sure if apache is built with this support. The libwrap code starts when there is a connection to the port and the program handsoff the info to libwrap. It _then_ opens the /etc/hosts.{allow,deny} files in order to check the validity of the connection. /usr/sbin/tcpd however, is passed the actual connection and it checks the validity. If it's ok then it passes the connection off to the daemon. -- ----- -- - -------- --------- ---- ------- ----- - - --- -------- Ben Collins <[EMAIL PROTECTED]> Debian GNU/Linux UnixGroup Admin - Jordan Systems Inc. [EMAIL PROTECTED] ------ -- ----- - - ------- ------- -- The Choice of the GNU Generation