On Fri, Nov 01, 2019 at 06:46:25PM -0400, Gene Heskett wrote: > I'll make sure its installed. Right now. But that is a problem: > root@coyote:etc$ apt install tcpwrappers
... no, Gene. TCP wrappers is a *library*, and its package name in Debian is libwrap0. wooledg:~$ apt-cache search tcp wrappers fakeroot - tool for simulating superuser privileges libfakeroot - tool for simulating superuser privileges - shared libraries libauthen-libwrap-perl - module providing access to the TCP Wrappers library python-tcpwrap - Python interface for libwrap0 (TCP wrappers) ruby-proxifier - add support for HTTP or SOCKS proxies sendmail - powerful, efficient, and scalable Mail Transport Agent (metapackage) sendmail-bin - powerful, efficient, and scalable Mail Transport Agent libwrap0 - Wietse Venema's TCP wrappers library libwrap0-dev - Wietse Venema's TCP wrappers library, development files ucspi-tcp - command-line tools for building TCP client-server applications ucspi-tcp-ipv6 - command-line tools for building TCP client-server applications (IPv6) (At least learn how to use the basic Debian utilities.) A given program is either built with libwrap, or it isn't. You can't just install it and have it affect programs that aren't built to use it. (It actually has a second mode of operation, though -- in a service manager like inetd or xinetd, you can use TCP wrappers as an actual wrapper program that inetd invokes. Then the wrapper can validate whether it wants to continue this connection or not, and if it chooses to allow the connection, it will exec the actual daemon that it's wrapping, e.g. in.ftpd or in.telnetd or some other relic of the bronze age.) (None of this applies to Apache, which is NOT linked with libwrap0, and which is NOT launched by a service manager. It's a standalone daemon that does its own socket listening, so there's no place to insert a chain-loading wrapper program.)