summaryrefslogtreecommitdiffstats
path: root/templates/man8/tcpd.8.pot
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--templates/man8/tcpd.8.pot405
1 files changed, 405 insertions, 0 deletions
diff --git a/templates/man8/tcpd.8.pot b/templates/man8/tcpd.8.pot
new file mode 100644
index 00000000..bdec358c
--- /dev/null
+++ b/templates/man8/tcpd.8.pot
@@ -0,0 +1,405 @@
+# SOME DESCRIPTIVE TITLE
+# Copyright (C) YEAR Free Software Foundation, Inc.
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"POT-Creation-Date: 2023-06-27 19:58+0200\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <LL@li.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. type: TH
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid "TCPD"
+msgstr ""
+
+#. type: SH
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid "NAME"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid "tcpd - access control facility for internet services"
+msgstr ""
+
+#. type: SH
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid "DESCRIPTION"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"The I<tcpd> program can be set up to monitor incoming requests for "
+"I<telnet>, I<finger>, I<ftp>, I<exec>, I<rsh>, I<rlogin>, I<tftp>, I<talk>, "
+"I<comsat> and other services that have a one-to-one mapping onto executable "
+"files."
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"The program supports both 4.3BSD-style sockets and System V.4-style TLI. "
+"Functionality may be limited when the protocol underneath TLI is not an "
+"internet protocol."
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"There are two possible modes of operation: execution of I<tcpd> before a "
+"service started by I<inetd>, or linking a daemon with the I<libwrap> shared "
+"library as documented in the I<hosts_access>(3) manual page. Operation when "
+"started by I<inetd> is as follows: whenever a request for service arrives, "
+"the I<inetd> daemon is tricked into running the I<tcpd> program instead of "
+"the desired server. I<tcpd> logs the request and does some additional "
+"checks. When all is well, I<tcpd> runs the appropriate server program and "
+"goes away."
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"Optional features are: pattern-based access control, client username lookups "
+"with the RFC 931 etc. protocol, protection against hosts that pretend to "
+"have someone elses host name, and protection against hosts that pretend to "
+"have someone elses network address."
+msgstr ""
+
+#. type: SH
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid "LOGGING"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"Connections that are monitored by I<tcpd> are reported through the "
+"I<syslog>(3) facility. Each record contains a time stamp, the client host "
+"name and the name of the requested service. The information can be useful "
+"to detect unwanted activities, especially when logfile information from "
+"several hosts is merged."
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"In order to find out where your logs are going, examine the syslog "
+"configuration file, usually /etc/syslog.conf."
+msgstr ""
+
+#. type: SH
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid "ACCESS CONTROL"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"Optionally, I<tcpd> supports a simple form of access control that is based "
+"on pattern matching. The access-control software provides hooks for the "
+"execution of shell commands when a pattern fires. For details, see the "
+"I<hosts_access>(5) manual page."
+msgstr ""
+
+#. type: SH
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid "HOST NAME VERIFICATION"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"The authentication scheme of some protocols (I<rlogin, rsh>) relies on host "
+"names. Some implementations believe the host name that they get from any "
+"random name server; other implementations are more careful but use a flawed "
+"algorithm."
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"I<tcpd> verifies the client host name that is returned by the address-"
+"E<gt>name DNS server by looking at the host name and address that are "
+"returned by the name-E<gt>address DNS server. If any discrepancy is "
+"detected, I<tcpd> concludes that it is dealing with a host that pretends to "
+"have someone elses host name."
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"If the sources are compiled with -DPARANOID, I<tcpd> will drop the "
+"connection in case of a host name/address mismatch. Otherwise, the hostname "
+"can be matched with the I<PARANOID> wildcard, after which suitable action "
+"can be taken."
+msgstr ""
+
+#. type: SH
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid "HOST ADDRESS SPOOFING"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"Optionally, I<tcpd> disables source-routing socket options on every "
+"connection that it deals with. This will take care of most attacks from "
+"hosts that pretend to have an address that belongs to someone elses network. "
+"UDP services do not benefit from this protection. This feature must be "
+"turned on at compile time."
+msgstr ""
+
+#. type: SH
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid "RFC 931"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"When RFC 931 etc. lookups are enabled (compile-time option) I<tcpd> will "
+"attempt to establish the name of the client user. This will succeed only if "
+"the client host runs an RFC 931-compliant daemon. Client user name lookups "
+"will not work for datagram-oriented connections, and may cause noticeable "
+"delays in the case of connections from PCs."
+msgstr ""
+
+#. type: SH
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid "EXAMPLES"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"The details of using I<tcpd> depend on pathname information that was "
+"compiled into the program."
+msgstr ""
+
+#. type: SH
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid "EXAMPLE 1"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"This example applies when I<tcpd> expects that the original network daemons "
+"will be moved to an \"other\" place."
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"In order to monitor access to the I<finger> service, move the original "
+"finger daemon to the \"other\" place and install tcpd in the place of the "
+"original finger daemon. No changes are required to configuration files."
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid ""
+"# mkdir /other/place\n"
+"# mv /usr/sbin/in.fingerd /other/place\n"
+"# cp tcpd /usr/sbin/in.fingerd\n"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"The example assumes that the network daemons live in /usr/sbin. On some "
+"systems, network daemons live in /usr/sbin or in /usr/libexec, or have no "
+"`in.\\' prefix to their name."
+msgstr ""
+
+#. type: SH
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid "EXAMPLE 2"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"This example applies when I<tcpd> expects that the network daemons are left "
+"in their original place."
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"In order to monitor access to the I<finger> service, perform the following "
+"edits on the I<inetd> configuration file (usually I</etc/inetd.conf>):"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid "finger stream tcp nowait nobody /usr/sbin/in.fingerd in.fingerd\n"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid "becomes:\n"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid "finger stream tcp nowait nobody /usr/sbin/tcpd in.fingerd\n"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"The example assumes that the network daemons live in /usr/sbin. On some "
+"systems, network daemons live in /usr/sbin or in /usr/libexec, the daemons "
+"have no `in.\\' prefix to their name, or there is no userid field in the "
+"inetd configuration file."
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"Similar changes will be needed for the other services that are to be covered "
+"by I<tcpd>. Send a `kill -HUP\\' to the I<inetd>(8) process to make the "
+"changes effective."
+msgstr ""
+
+#. type: SH
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid "EXAMPLE 3"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"In the case of daemons that do not live in a common directory (\"secret\" or "
+"otherwise), edit the I<inetd> configuration file so that it specifies an "
+"absolute path name for the process name field. For example:"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid " ntalk dgram udp wait root /usr/sbin/tcpd /usr/local/lib/ntalkd\n"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"Only the last component (ntalkd) of the pathname will be used for access "
+"control and logging."
+msgstr ""
+
+#. type: SH
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid "BUGS"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"Some UDP (and RPC) daemons linger around for a while after they have "
+"finished their work, in case another request comes in. In the inetd "
+"configuration file these services are registered with the I<wait> option. "
+"Only the request that started such a daemon will be logged."
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"The program does not work with RPC services over TCP. These services are "
+"registered as I<rpc/tcp> in the inetd configuration file. The only non-"
+"trivial service that is affected by this limitation is I<rexd>, which is "
+"used by the I<on(1)> command. This is no great loss. On most systems, "
+"I<rexd> is less secure than a wildcard in /etc/hosts.equiv."
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid ""
+"RPC broadcast requests (for example: I<rwall, rup, rusers>) always appear to "
+"come from the responding host. What happens is that the client broadcasts "
+"the request to all I<portmap> daemons on its network; each I<portmap> daemon "
+"forwards the request to a local daemon. As far as the I<rwall> etc. daemons "
+"know, the request comes from the local host."
+msgstr ""
+
+#. type: SH
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid "FILES"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid "The default locations of the host access control tables are:"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid "/etc/hosts.allow"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+msgid "/etc/hosts.deny"
+msgstr ""
+
+#. type: SH
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid "SEE ALSO"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid ""
+"hosts_access(3), functions provided by the libwrap library.\n"
+"hosts_access(5), format of the tcpd access control tables.\n"
+"syslog.conf(5), format of the syslogd control file.\n"
+"inetd.conf(5), format of the inetd control file.\n"
+msgstr ""
+
+#. type: SH
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid "AUTHORS"
+msgstr ""
+
+#. type: Plain text
+#: debian-bookworm debian-unstable
+#, no-wrap
+msgid ""
+"Wietse Venema (wietse@wzv.win.tue.nl),\n"
+"Department of Mathematics and Computing Science,\n"
+"Eindhoven University of Technology\n"
+"Den Dolech 2, P.O. Box 513, \n"
+"5600 MB Eindhoven, The Netherlands\n"
+msgstr ""