Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ tcp_log(4) — CLIX 3.1r7.6.28

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

log(8)

tcpd(8)

hosts.allow(4)



  tcplog(4)                          CLIX                          tcplog(4)



  NAME

    tcp_log - TCP/IP activity log file

  DESCRIPTION

    The /usr/adm/tcp_log file is the log file for the TCP/IP log utility,
    which monitors incoming requests for connections to the ftpd, telnetd,
    rlogind, rshd, and rexecd network services.  The log file is created when
    the log utility is started (refer to log(8)).

    The /usr/adm/tcp_log file also contains information on whether the
    connection requests were allowed or refused.  This information comes from
    the tcpd server, which is invoked by the log utility. The tcpd server
    reads the /etc/hosts.allow and /etc/hosts.deny files to determine which
    network services and remote clients should be granted or denied permission
    to access the local network services.

    The format of the entries in the /usr/adm/tcp_log file is as follows:

    date time local_host net_service[pid]: message remote_client

    These elements are described as follows:

    date   The date of the connection attempt.

    time   The time of the connection attempt.

    local_host
           The name of the host to which the connection attempt was made.

    net_service[pid]
           The network service being requested and the PID of that daemon.

    message
           Error and connection information.

    remote_client
           The name of the remote client making the request.

  EXAMPLES

    1.  This example of a line from a /usr/adm/tcp_log file shows a connection
        request was made to the host "gator" for an rlogin connection from the
        host "cubbies.b35.inc.com," and that the connection was allowed:

        Feb  3 10:19:41 gator rlogind[9456]: connect from cubbies.b35.inc.com


    2.  This example shows a connection request made to "gator" for a telnet
        connection from the host "minnow.b9a.inc.com" that was allowed:



  2/94 - Intergraph Corporation                                              1






  tcplog(4)                          CLIX                          tcplog(4)



        Feb  3 15:25:00 gator telnetd[9679]: connect from minnow.b9a.inc.com


    3.  This example shows a connection request made to "gator" for an rlogin
        connection from the host "mojo."  This connection was denied, probably
        because the requesting client is denied access to an rlogin connection
        in the /etc/hosts.deny file:

        Feb  4 09:10:56 gator rlogind[9544]: connect from mojo.pro1.abc.com
        Feb  4 09:10:56 gator rlogind[9544]: refused connect from mojo.pro1.abc.com


    4.  This example shows that a connection request was made to the host
        "tigers" for an ftp connection from the host "ted.braves.atl.com."
        Because of an error in the /etc/hosts.deny file, the rules for denying
        connections could not be determined, so the connection was granted and
        an error message was logged:

        Feb  3 15:35:48 tigers ftpd[9584]: connect from ted.braves.atl.com
        Feb  5 15:35:48 tigers ftpd[9584]: /etc/hosts.deny: malformed entry: "ftpd.ALL"


  FILES

    /etc/hosts.allow
           Host access control file listing remote clients and the local
           network services to which they are to be granted access.

    /etc/hosts.deny
           Host access control file listing remote clients and the local
           network services to which they are to be denied access.

  RELATED INFORMATION

    Commands:  log(8), tcpd(8)

    Files:  hosts.allow(4)

















  2                                              Intergraph Corporation - 2/94




Typewritten Software • bear@typewritten.org • Edmonds, WA 98026