9fans archive / 1998 / 08 / 65 /    prev next

From: arisawa@ar.aichi-u.ac.jp arisawa@ar.aichi-u.ac.jp
Subject: [9fans] tcp wrapping
Date: Sat, 29 Aug 1998 01:01:55 -0400 (EDT)

Hello 9fans!

Tcp_wrapper is one of the neat tools in the UNIX world.
Our Plan9 has no special tools to wrap connections.
Instead we can do more elegantly using general tool, i.e., "rc".
----------- tcp23 ---------
#!/bin/rc
ifs=! r=`{cat $3/remote}
remote=$r(1)
if(~ $remote 202.250.160.* 202.16.124.*)
	exec /bin/aux/telnetd
echo service refused
-------------------------

How can we wrap ftp?
Probably you will want to allow anonymouse access to world wide,
and you will want to disallow user access except a few IPs.
This is possible if we have '-U' option for ftp; the option that disallow
user access.
Then tcp21 will be:
----------- tcp21 ---------
#!/bin/rc
ifs=! r=`{cat $3/remote}
remote=$r(1)
if(~ $remote 202.250.160.* 202.16.124.*)
	exec /bin/aux/ftp -n/lib/namespace.ftp $*
exec /bin/aux/ftp -U -n/lib/namespace.ftp $*
-------------------------

Adding the option '-U' to ftp.c is a vary easy task.

Kenji Arisawa
E-mail: arisawa@aic...