Re: lpd with libwrap (or tcp wrappers)

To: "Jeremy C. Reed" <reed@wcug.wwu.edu>
Cc: debian-isp@lists.debian.org
Subject: Re: lpd with libwrap (or tcp wrappers)
From: Tamas TEVESZ <ice@extreme.hu>
Date: Fri, 16 Feb 2001 01:34:38 +0100 (CET)
Message-id: <Pine.LNX.4.21.0102160121310.1875-100000@mailtrans.sote.hu>
In-reply-to: <Pine.BSO.4.21.0102151541080.32764-100000@sloth.wcug.wwu.edu>

On Thu, 15 Feb 2001, Jeremy C. Reed wrote:

 > But is this the Debian way? What will happen when I upgrade lpr package?

i'd be more than very surprised if any automatic script would modify
any conf file i write or modify. then again, you never know what those
scripts will do, but they strongly shouldn't.

 >  Feb 15 15:36:50 pilchuck lpd[9780]: bind: Address already in use
 >  Feb 15 15:36:50 pilchuck lpd[9780]: exiting

now actually looking at lpd:), it doesn't seem to support being run
from inetd. you have several ways to go, though. first, trust it's own
builtin access control (lpd.perms or something); (possibly
additionally) put a packet filter in front of it; or you can add
libwrap support to lpd (it's not supposed to be hard); or the last
thing i can think of is to modify lpd in a way when it allows to be
run from inetd (that is, it takes its input from stdin, iirc)

having a very quick look at lpd.perms(5) i'd say its basically
equivalent (functionality-wise) to hosts.{allow,deny}, but also has
print service-specific options. i didn't find the equivalent option to
UKNOWN and PARANOID, though, but, as printing is supposed (imho) be a
`local' service, you have to maintain a consistent dns database and
you won't even need this.

-- 
[-]
So, you're a Ph.D. Just don't touch anything.

Reply to:

References:
- Re: lpd with libwrap (or tcp wrappers)
  - From: "Jeremy C. Reed" <reed@wcug.wwu.edu>

Prev by Date: Re: lpd with libwrap (or tcp wrappers)
Next by Date: POP3 and SMTP server for an ISP
Previous by thread: Re: lpd with libwrap (or tcp wrappers)
Next by thread: POP3 and SMTP server for an ISP
Index(es):
- Date
- Thread