HP-UX Internet Services Administrator's Guide (February 2007)

The client information describes how the remote host recognizes the client in terms

of an address, name, and user name, whereas, the server information describes the

remote host.

For more information on % <letter> expressions, type man 5 hosts_access at

the HP-UX prompt.

The safe_finger Program

safe_finger, a wrapper program to the finger client, protects the data sent by the

remote finger server. This program accepts all the options supported by the finger

client.

For more information, type man 1 finger at the HP-UX prompt.

Following is an example of the safe_finger command:

# /usr/bin/safe_finger -l @xyz.abc.def.com

This command prints the user information on the remote host xyz.abc.def.com.

HP recommends you to use this program to implement traps in the access control

language of the files /etc/hosts.allow and /etc/hosts.deny.

For more information on setting traps, type man 5 hosts_access at the HP-UX

prompt.

IPv6 Support

To enable access control mechanism to IPv6 connections of a service, you must enable

IPv6 support to that service in the /etc/inetd.conffile. You must specify the protocol

in the /etc/inetd.conf file as tcp6 or upd6, to enable IPv6 support for a particular

service.

For example, to support IPv6 functionality for the ftpd service, you must modify the

/etc/inetd.conf file as follows:

ftp stream tcp6 nowait root /usr/bin/ftpd ftpd -l

However, if you specify tcp instead of tcp6, ftp operates in the IPv4 mode.

Troubleshooting

tcpd logs the connection-related information and problems encountered during a

connection in the /var/adm/syslog/syslog.log file, before invoking the actual

service daemon.

You can enable logging in tcpd by specifying the logging level parameter in the

/etc/tcpd.conf file. The syntax for specifying the logging level parameter is as

follows:

log_level { normal | extended }

44 TCP Wrappers