| blob | 5c8d76bbdcc020f9ee417c46c58838966e4f06b4 |
1 .TH SERVXCHECK 3
2 .SH NAME
3 servxcheck \- Internet service access check
4 .SH SYNOPSIS
5 .ft B
6 .nf
7 #define _MINIX_SOURCE 1
8 #include </net/gen/netdb.h>
10 int servxcheck(ipaddr_t \fIpeer\fP, const char *\fIservice\fP,
11 void (*\fIlogf\fP)(int \fIpass\fP, const char *\fIname\fP));
12 char *servxfile(const char *\fIfile\fP);
13 .fi
14 .ft R
15 .SH DESCRIPTION
16 .B Servxcheck()
17 is used by programs like
18 .B inetd
19 to perform an access check on the host connected to the other end of the TCP
20 channel that has IP address
21 .IR peer .
22 .PP
23 .B Servxcheck()
24 translates the IP address to the
25 associated host name if necessary, and checks if the host is granted access
26 as guided by the file
27 .BR /etc/serv.access .
28 (See
29 .BR serv.access (5).)
30 The service name used to search the access file is passed by the caller as
31 .IR service .
32 These names should be the same as the service names in
33 .BR /etc/services .
34 .PP
35 The caller should use the NWIOGTCPCONF ioctl() call to find out what the
36 IP address of the remote end is. It is wise to bypass the
37 .B servxcheck()
38 call if the remote end happens to be the local machine (remaddr == locaddr),
39 so that local connections aren't impeded by slow checks.
40 .B Servxcheck()
41 will itself allow connections from 127.0.0.1/8 immediately, so you
42 don't have to check for that. Example of use:
43 .PP
44 .RS
45 .nf
46 .ta +4n +4n +4n
47 if (ioctl(fd, NWIOGTCPCONF, &tcpconf) < 0
48 || tcpconf.nwtc_remaddr == tcpconf.nwtc_locaddr
49 || servxcheck(tcpconf.nwtc_remaddr, service_name, NULL)
50 ) {
51 serve();
52 }
53 .fi
54 .RE
55 .PP
56 An attempt to connect to a service is logged if the access is denied. You
57 can use the special checkword "\fBlog\fP" to also log if access is granted.
58 Logging will be done with
59 .B syslog()
60 at the
61 .B warning
62 level.
63 A syntax error in the access file may be logged under the
64 .B err
65 level.
66 The caller must use
67 .B openlog()
68 to set the appropriate logging facility. One may do one's own logging by
69 supplying a
70 .I logf
71 function that will be called by
72 .B servxcheck
73 with a first argument that is true if access is granted, false if
74 denied, and a second argument that is the name of the remote host whose
75 access has been checked.
76 .PP
77 The default is to fail the check unless the access file says otherwise.
78 Strange errors make the check succeed. (We do not want
79 remote access to fail because of some system error.) Note that this
80 function is not meant to check access to the system, that's what
81 passwords and such are for, but only to limit access to those who are
82 allowed to use the services the system offers.
83 .PP
84 Connections from a machine to itself are accepted immediately. No further
85 checks, no logging.
86 .PP
87 .B Servxfile()
88 may be used to specify a file other than the default
89 .BR /etc/serv.access .
90 This is useful for programs started from
91 .B inetd
92 that want to handle the access check themselves, using a private access file.
93 The return value of
94 .B servxfile()
95 is the pathname of the old access file. Only a pointer to the new path is
96 saved, the caller must keep the string it points to intact.
97 .SH FILES
98 .TP 25n
99 .B /etc/serv.access
100 Default access check file.
101 .SH "SEE ALSO"
102 .BR syslog (3),
103 .BR serv.access (5),
104 .BR services (5),
105 .BR inetd (8).
106 .SH DIAGNOSTICS
107 .B Servxcheck()
108 returns 0 if the access is denied, 1 if granted.
109 .PP
110 Typical syslog message:
111 .PP
112 .RS
113 Jan 10 20:27:20 flotsam inetd[174]: service 'shell' granted to jetsam.cs.vu.nl
114 .RE
115 .SH BUGS
116 IP and DNS based access checks will stop most crackers, but not the really
117 determined ones. Luckily MINIX 3 is sufficiently strange to thwart the well
118 known cracking schemes. But don't ever allow yourself to feel secure.
119 .SH AUTHOR
120 Kees J. Bot <kjb@cs.vu.nl>