Manualshelf

HP-UX Internet Services Administrator's Guide (May 2010)

ManualsBrandsHP ManualsSoftwareHP-UX 11i v2 Networking Software
41424344454647484950
For more information, type man 1 finger at the HP-UX prompt.
Following is an example of the safe_finger command:
# /usr/bin/safe_finger -l @xyz.abc.def.com
This command prints the user information on the remote host xyz.abc.def.com.
HP recommends you to use this program to implement traps in the access control
language of the files /etc/hosts.allow and /etc/hosts.deny.
For more information on setting traps, type man 5 hosts_access at the HP-UX
prompt.
IPv6 Support
To enable access control mechanism to IPv6 connections of a service, you must enable
IPv6 support to that service in the /etc/inetd.conffile. You must specify the protocol
in the /etc/inetd.conf file as tcp6 or upd6, to enable IPv6 support for a particular
service.
For example, to support IPv6 functionality for the ftpd service, you must modify the
/etc/inetd.conf file as follows:
ftp stream tcp6 nowait root /usr/bin/ftpd ftpd -l
However, if you specify tcp instead of tcp6, ftp operates in the IPv4 mode.
Troubleshooting
tcpd logs the connection-related information and problems encountered during a
connection in the /var/adm/syslog/syslog.log file, before invoking the actual
service daemon.
You can enable logging in tcpd by specifying the logging level parameter in the
/etc/tcpd.conf file. The syntax for specifying the logging level parameter is as
follows:
log_level { normal extended }
With an extended parameter, tcpd logs the ACL information, such as, the entry with
which the client request is matched and the entry’s related options. The default logging
level parameter is normal which logs connection details, such as, acceptance or refusal
of connections.
TCP wrappers provides the tools tcpdchk and tcpdmatch for troubleshooting.
tcpdchk validates the inetd.conf, hosts.allow and hosts.deny entries in the
configuration file, and tcpdmatch determines how tcpd handles a specific service
request.
For more information on the tcpdchk and tcpdmatch tools, see “The tcpdchk Tool”
(page 42) and “The tcpdmatch Tool” (page 42), respectively.
44 TCP Wrappers