! Aware to man pages: hosts

hosts_access(3)

Tips: Browse or Search all pages for efficient awareness of more than 6000 of the most popular reusable and open source applications, functions, libraries, and FAQs.

The "RKT couplings" below include links to source code, updates, additional information, advice, FAQs, and overviews.

Home

Search all pages

Subjects

By activity
Professions, Sciences, Humanities, Business, ...

User Interface
Text-based, GUI, Audio, Video, Keyboards, Mouse, Images,...

Text Strings
Conversions, tests, processing, manipulation,...

Math
Integer, Floating point, Matrix, Statistics, Boolean, ...

Processing
Algorithms, Memory, Process control, Debugging, ...

Stored Data
Data storage, Integrity, Encryption, Compression, ...

Communications
Networks, protocols, Interprocess, Remote, Client Server, ...

Hard World
Timing, Calendar and Clock, Audio, Video, Printer, Controls...

File System
Management, Filtering, File & Directory access, Viewers, ...

RocketLink!--> Man page versions: OpenBSD FreeBSD RedHat Others

HOSTS_ACCESS(3)           OpenBSD Programmer's Manual          HOSTS_ACCESS(3)

NAME
     hosts_access, hosts_ctl, request_init, request_set - access control li-
     brary



SYNOPSIS
     #include <tcpd.h>

     extern int allow_severity;
     extern int deny_severity;

     struct request_info *
     request_init(struct request_info *request, int key, value, ..., 0);

     struct request_info *
     request_set(struct request_info *request, int key, value, ..., 0);

     int
     hosts_access(struct request_info *request);

     int
     hosts_ctl(char *daemon, char *client_name, char *client_addr,
             char *client_user);

DESCRIPTION
     The routines described in this document are part of the libwrap.a li-
     brary.  They implement a rule-based access control language with optional
     shell commands that are executed when a rule fires.

     request_init() initializes a structure with information about a client
     request.  request_set() updates an already initialized request structure.
     Both functions take a variable-length list of key-value pairs and return
     their first argument.  The argument lists are terminated with a zero key
     value.  All string-valued arguments are copied.  The expected keys (and
     corresponding value types) are:

     RQ_FILE (int)             The file descriptor associated with the re-
                               quest.

     RQ_CLIENT_NAME (char *)   The client host name.

     RQ_CLIENT_ADDR (char *)   A printable representation of the client net-
                               work address.

     RQ_CLIENT_SIN (struct sockaddr_in *)
                               An internal representation of the client net-
                               work address and port.  The contents of the
                               structure are not copied.

     RQ_SERVER_NAME (char *)   The hostname associated with the server end-
                               point address.

     RQ_SERVER_ADDR (char *)   A printable representation of the server end-
                               point address.

     RQ_SERVER_SIN (struct sockaddr_in *)
                               An internal representation of the server end-
                               point address and port.  The contents of the
                               structure are not copied.

     RQ_DAEMON (char *)        The name of the daemon process running on the
                               server host.

     RQ_USER (char *)          The name of the user on whose behalf the client
                               host makes the request.

     hosts_access() consults the access control tables described in the
     hosts_access(5) manual page.  When internal endpoint information is
     available, host names and client user names are looked up on demand, us-
     ing the request structure as a cache.  hosts_access() returns zero if ac-
     cess should be denied.

     hosts_ctl() is a wrapper around the request_init() and hosts_access()
     routines with a perhaps more convenient interface (though it does not
     pass on enough information to support automated client username lookups).
     The client host address, client host name and username arguments should
     contain valid data or STRING_UNKNOWN.  hosts_ctl() returns zero if access
     should be denied.

     The allow_severity and deny_severity variables determine how accepted and
     rejected requests may be logged. They must be provided by the caller and
     may be modified by rules in the access control tables.

DIAGNOSTICS
     Problems are reported via the syslog daemon.

SEE ALSO
     hosts_access(5),  hosts_options(5).

FILES
     /etc/hosts.allow  Access control table (allow list)
     /etc/hosts.deny   Access control table (deny list)

BUGS
     hosts_access() uses the strtok() library function. This may interfere
     with other code that relies on strtok().

AUTHOR
           Wietse Venema (wietse@wzv.win.tue.nl)
           Department of Mathematics and Computing Science
           Eindhoven University of Technology
           Den Dolech 2, P.O. Box 513,
           5600 MB Eindhoven, The Netherlands


OpenBSD 2.6                      June 23, 1997                               2

Source: OpenBSD 2.6 man pages. Copyright: Portions are copyrighted by BERKELEY
SOFTWARE DESIGN, INC., The Regents of the University of California, Massachusetts
Institute of Technology, Free Software Foundation, FreeBSD Inc., and others.

(Corrections, notes, and links courtesy of RocketAware.com)

[Detailed Topics]

OpenBSD sources for hosts_access(3)

[Overview Topics]

Up to: Remote Process Communication - Methods of communicating to remote processes. Remote Procedure Calls, sockets, data format translation, et al

RocketLink!--> Man page versions: OpenBSD FreeBSD RedHat Others

Rapid-Links: Search | About | Comments | Submit Path: RocketAware > man pages > hosts_access.3/