Log tcp wrappers
I'm trying to log tcp wrappers and am having trouble getting it started. I'm running slackware 8.1 and using the default tcp-wrappers.
To find out what the facility was I downloaded another version of tcp-wrappers, and it's default facility name was MAIL_LOG.
I then added this line (separated by tabs) to my syslogd.conf:
MAIL_LOG.* /var/log/authTCP
Then I touched authTCP, restarted inetd, syslogd. But I get nothing in the log when I get incoming ssh conenctions - which is being checked by tcp-wrappers.
I think the real problem I'm having is understanding how tcp-wrappers gets started, and how it's different from tcpd. I don't have tcpd running, but when I make changes to my hosts.allow or deny files they stick. Any suggested readings would be appreciated.
Thanks.
|