From mboxrd@z Thu Jan  1 00:00:00 1970
Date: Sat, 29 Aug 1998 01:01:55 -0400
From: arisawa@ar.aichi-u.ac.jp arisawa@ar.aichi-u.ac.jp
Subject: [9fans] tcp wrapping
Topicbox-Message-UUID: 7dd2e18e-eac8-11e9-9e20-41e7f4b1d025
Message-ID: <19980829050155.Y24SYoPWTqkQGX-Iuk__BPSp_KJKFUvWyHDO5hRuMTc@z>

Hello 9fans!

Tcp_wrapper is one of the neat tools in the UNIX world.
Our Plan9 has no special tools to wrap connections.
Instead we can do more elegantly using general tool, i.e., "rc".
----------- tcp23 ---------
#!/bin/rc
ifs=! r=`{cat $3/remote}
remote=$r(1)
if(~ $remote 202.250.160.* 202.16.124.*)
	exec /bin/aux/telnetd
echo service refused
-------------------------

How can we wrap ftp?
Probably you will want to allow anonymouse access to world wide,
and you will want to disallow user access except a few IPs.
This is possible if we have '-U' option for ftp; the option that disallow
user access.
Then tcp21 will be:
----------- tcp21 ---------
#!/bin/rc
ifs=! r=`{cat $3/remote}
remote=$r(1)
if(~ $remote 202.250.160.* 202.16.124.*)
	exec /bin/aux/ftp -n/lib/namespace.ftp $*
exec /bin/aux/ftp -U -n/lib/namespace.ftp $*
-------------------------

Adding the option '-U' to ftp.c is a vary easy task.

Kenji Arisawa
E-mail: arisawa@aichi-u.ac.jp