NAME

     servxcheck - Internet service access check


SYNOPSIS

     #define _MINIX_SOURCE 1
     #include <net/gen/netdb.h>

     int servxcheck(ipaddr_t peer, const char *service,
          void (*logf)(int pass, const char *name));
     char *servxfile(const char *file);


DESCRIPTION

     Servxcheck() is used by programs like inetd  to  perform  an
     access  check  on the host connected to the other end of the
     TCP channel that has IP address peer.

     Servxcheck() translates the IP  address  to  the  associated
     host  name  if  necessary, and checks if the host is granted
     access  as  guided  by  the  file  /etc/serv.access.    (See
     serv.access(5).)  The service name used to search the access
     file is passed by the caller as service.  These names should
     be the same as the service names in /etc/services.

     The caller should use the NWIOGTCPCONF ioctl() call to find
     out what the IP address of the remote end is.  It is wise to
     bypass the servxcheck() call if the remote end happens to be
     the local machine (remaddr == locaddr), so that local
     connections aren't slowed down by the host name lookup the
     check may need.  Servxcheck() itself accepts any address in
     127.0.0.0/8 (the loopback network) immediately, so you don't
     have to check for that.  Example of use:

          nwio_tcpconf_t tcpconf;

          if (ioctl(fd, NWIOGTCPCONF, &tcpconf) < 0   /* can't tell: serve anyway */
              || tcpconf.nwtc_remaddr == tcpconf.nwtc_locaddr   /* local: skip check */
              || servxcheck(tcpconf.nwtc_remaddr, service_name, NULL)
          ) {
              serve();
          }

     An attempt to connect to a service is logged if the access
     is denied.  The special checkword "log" in the access file
     also logs the attempts that are granted.  Logging is done
     with syslog() at the warning level; a syntax error in the
     access file may be logged at the err level.  The caller must
     use openlog() to set the appropriate logging facility.  One
     may do one's own logging by supplying a logf function that
     servxcheck() calls with a first argument that is nonzero if
     access is granted, zero if denied, and a second argument
     that is the name of the remote host whose access has been
     checked.

     The default is to deny unless the access file says
     otherwise.  Unexpected system errors, however, make the
     check succeed: it fails open, because remote access should
     not break because of some local system error.  Bear this in
     mind: this function is not meant to check access to the
     system, that's what passwords and such are for, but only to
     limit access to those who are allowed to use the services
     the system offers.  It should back up, not replace, the
     service's own authentication.

     Connections from a machine to itself  are  accepted  immedi-
     ately.  No further checks, no logging.
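     The following is an added example, not code from MINIX or
     from inetd: a service started from inetd that applies the
     local-connection bypass recommended above and supplies its
     own logf callback instead of NULL.  It assumes ipaddr_t is a
     32-bit IPv4 address in network byte order, as MINIX's
     <net/gen/in.h> defines it, and that nwio_tcpconf_t and
     NWIOGTCPCONF come from <net/gen/tcp_io.h>.  Off MINIX the
     type is modelled as uint32_t and servxcheck() is replaced by
     a constructed stand-in (fake_check) so the wrapper can still
     be built and exercised; the peer address and host name it
     uses are invented.

```c
/* Added example (not from the MINIX sources or inetd): a service started
 * by inetd that wraps servxcheck() with the local-connection bypass
 * recommended in the man page and supplies its own logf callback.
 * Assumption: ipaddr_t is a 32-bit IPv4 address in network byte order,
 * as MINIX's <net/gen/in.h> defines it; off MINIX it is modelled as
 * uint32_t so the file still builds and the wrapper can be exercised. */
#define _MINIX_SOURCE 1
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <syslog.h>

#ifdef __minix
#include <sys/ioctl.h>
#include <net/gen/in.h>         /* ipaddr_t */
#include <net/gen/netdb.h>      /* servxcheck(), servxfile() */
#include <net/gen/tcp_io.h>     /* nwio_tcpconf_t, NWIOGTCPCONF (assumed) */
#else
typedef uint32_t ipaddr_t;      /* stand-in for the MINIX type */
#endif

typedef void (*servx_logf_t)(int pass, const char *name);
typedef int (*servx_check_t)(ipaddr_t peer, const char *service,
                             servx_logf_t logf);

/* Build an address in network byte order (first octet first in memory),
 * which is how MINIX stores ipaddr_t; no byte swapping is needed. */
static ipaddr_t ip4(unsigned a, unsigned b, unsigned c, unsigned d)
{
    unsigned char bytes[4] = { (unsigned char)a, (unsigned char)b,
                               (unsigned char)c, (unsigned char)d };
    ipaddr_t addr;
    memcpy(&addr, bytes, sizeof addr);
    return addr;
}

/* Custom logf: servxcheck() calls it with pass != 0 if access was
 * granted, 0 if denied, and the remote host's name.  It remembers the
 * last decision so the caller can inspect it, then logs a denial at
 * warning level and a grant at notice level. */
static int  last_pass = -1;
static char last_host[256];

static void my_logf(int pass, const char *name)
{
    last_pass = pass ? 1 : 0;
    snprintf(last_host, sizeof last_host, "%s", name);
    syslog(pass ? LOG_NOTICE : LOG_WARNING, "access %s to %s",
           pass ? "granted" : "denied", name);
}

int last_decision(void)         { return last_pass; }
const char *last_hostname(void) { return last_host; }

/* Decide whether to serve the connection.  check is servxcheck on MINIX;
 * taking it as a parameter lets the same logic run with a stand-in.
 * A connection from the local machine (remaddr == locaddr) is served
 * without consulting the access file or logging, so local clients never
 * wait on a host name lookup. */
int peer_allowed(ipaddr_t remaddr, ipaddr_t locaddr, const char *service,
                 servx_check_t check, servx_logf_t logf)
{
    if (remaddr == locaddr)
        return 1;
    return check(remaddr, service, logf) ? 1 : 0;
}

/* Constructed stand-in for servxcheck(), used only to demonstrate the
 * wrapper off MINIX: deny by default, allow one hard-coded peer for the
 * "shell" service, and report the decision through logf as the real
 * function does.  The address and host name are invented. */
static int fake_check(ipaddr_t peer, const char *service, servx_logf_t logf)
{
    int pass = peer == ip4(192, 0, 2, 10) && strcmp(service, "shell") == 0;
    if (logf != NULL)
        logf(pass, "peer.example");
    return pass;
}

#ifdef __minix
/* On MINIX: inetd hands us the TCP channel on fd 0.  As in the man page's
 * own example, an ioctl failure falls through to serving the connection. */
int main(void)
{
    nwio_tcpconf_t tcpconf;

    openlog("example", LOG_PID, LOG_DAEMON);
    if (ioctl(0, NWIOGTCPCONF, &tcpconf) < 0
        || peer_allowed(tcpconf.nwtc_remaddr, tcpconf.nwtc_locaddr,
                        "shell", servxcheck, my_logf)) {
        printf("serving\n");
    } else {
        printf("refused\n");
    }
    return 0;
}
#endif
```

     Passing my_logf instead of NULL does not disable the library's
     own syslog() messages; it adds a hook the program can use to
     keep its own record of who was let in.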

     Servxfile() may be used to specify a file other than the
     default /etc/serv.access.  This is useful for programs
     started from inetd that want to handle the access check
     themselves, using a private access file.  The return value
     of servxfile() is the pathname of the old access file.  Only
     a pointer to the new path is saved, not a copy, so the
     string it points to must stay intact (a string literal or a
     static buffer, for example) for as long as servxcheck() may
     be called.


FILES

     /etc/serv.access         Default access check file.


SEE ALSO

     syslog(3), serv.access(5), services(5), inetd(8).


DIAGNOSTICS

     Servxcheck() returns  0  if  the  access  is  denied,  1  if
     granted.

     Typical syslog message:

          Jan 10 20:27:20 flotsam inetd[174]: service 'shell' granted to jetsam.cs.vu.nl


BUGS

     IP and DNS based access checks will stop most crackers, but
     not the really determined ones: a source address can be
     forged, and the name an address resolves to is controlled by
     whoever runs the reverse DNS for that address.  Luckily
     MINIX 3 is sufficiently strange to thwart the well known
     cracking schemes.  But don't ever allow yourself to feel
     secure.


AUTHOR

     Kees J. Bot <kjb@cs.vu.nl>