# SOME DESCRIPTIVE TITLE
# Copyright (C) YEAR Free Software Foundation, Inc.
# This file is distributed under the same license as the PACKAGE package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2023-06-27 19:58+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
"Language: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
#. type: TH
#: debian-bookworm debian-unstable
#, no-wrap
msgid "TCPD"
msgstr ""
#. type: SH
#: debian-bookworm debian-unstable
#, no-wrap
msgid "NAME"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid "tcpd - access control facility for internet services"
msgstr ""
#. type: SH
#: debian-bookworm debian-unstable
#, no-wrap
msgid "DESCRIPTION"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"The I<tcpd> program can be set up to monitor incoming requests for "
"I<telnet>, I<finger>, I<ftp>, I<exec>, I<rsh>, I<rlogin>, I<tftp>, I<talk>, "
"I<comsat> and other services that have a one-to-one mapping onto executable "
"files."
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"The program supports both 4.3BSD-style sockets and System V.4-style TLI. "
"Functionality may be limited when the protocol underneath TLI is not an "
"internet protocol."
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"There are two possible modes of operation: execution of I<tcpd> before a "
"service started by I<inetd>, or linking a daemon with the I<libwrap> shared "
"library as documented in the I<hosts_access>(3) manual page. Operation when "
"started by I<inetd> is as follows: whenever a request for service arrives, "
"the I<inetd> daemon is tricked into running the I<tcpd> program instead of "
"the desired server. I<tcpd> logs the request and does some additional "
"checks. When all is well, I<tcpd> runs the appropriate server program and "
"goes away."
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"Optional features are: pattern-based access control, client username lookups "
"with the RFC 931 etc. protocol, protection against hosts that pretend to "
"have someone elses host name, and protection against hosts that pretend to "
"have someone elses network address."
msgstr ""
#. type: SH
#: debian-bookworm debian-unstable
#, no-wrap
msgid "LOGGING"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"Connections that are monitored by I<tcpd> are reported through the "
"I<syslog>(3) facility. Each record contains a time stamp, the client host "
"name and the name of the requested service. The information can be useful "
"to detect unwanted activities, especially when logfile information from "
"several hosts is merged."
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"In order to find out where your logs are going, examine the syslog "
"configuration file, usually /etc/syslog.conf."
msgstr ""
#. type: SH
#: debian-bookworm debian-unstable
#, no-wrap
msgid "ACCESS CONTROL"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"Optionally, I<tcpd> supports a simple form of access control that is based "
"on pattern matching. The access-control software provides hooks for the "
"execution of shell commands when a pattern fires. For details, see the "
"I<hosts_access>(5) manual page."
msgstr ""
#. type: SH
#: debian-bookworm debian-unstable
#, no-wrap
msgid "HOST NAME VERIFICATION"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"The authentication scheme of some protocols (I<rlogin, rsh>) relies on host "
"names. Some implementations believe the host name that they get from any "
"random name server; other implementations are more careful but use a flawed "
"algorithm."
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"I<tcpd> verifies the client host name that is returned by the address-"
"E<gt>name DNS server by looking at the host name and address that are "
"returned by the name-E<gt>address DNS server. If any discrepancy is "
"detected, I<tcpd> concludes that it is dealing with a host that pretends to "
"have someone elses host name."
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"If the sources are compiled with -DPARANOID, I<tcpd> will drop the "
"connection in case of a host name/address mismatch. Otherwise, the hostname "
"can be matched with the I<PARANOID> wildcard, after which suitable action "
"can be taken."
msgstr ""
#. type: SH
#: debian-bookworm debian-unstable
#, no-wrap
msgid "HOST ADDRESS SPOOFING"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"Optionally, I<tcpd> disables source-routing socket options on every "
"connection that it deals with. This will take care of most attacks from "
"hosts that pretend to have an address that belongs to someone elses network. "
"UDP services do not benefit from this protection. This feature must be "
"turned on at compile time."
msgstr ""
#. type: SH
#: debian-bookworm debian-unstable
#, no-wrap
msgid "RFC 931"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"When RFC 931 etc. lookups are enabled (compile-time option) I<tcpd> will "
"attempt to establish the name of the client user. This will succeed only if "
"the client host runs an RFC 931-compliant daemon. Client user name lookups "
"will not work for datagram-oriented connections, and may cause noticeable "
"delays in the case of connections from PCs."
msgstr ""
#. type: SH
#: debian-bookworm debian-unstable
#, no-wrap
msgid "EXAMPLES"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"The details of using I<tcpd> depend on pathname information that was "
"compiled into the program."
msgstr ""
#. type: SH
#: debian-bookworm debian-unstable
#, no-wrap
msgid "EXAMPLE 1"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"This example applies when I<tcpd> expects that the original network daemons "
"will be moved to an \"other\" place."
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"In order to monitor access to the I<finger> service, move the original "
"finger daemon to the \"other\" place and install tcpd in the place of the "
"original finger daemon. No changes are required to configuration files."
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
#, no-wrap
msgid ""
"# mkdir /other/place\n"
"# mv /usr/sbin/in.fingerd /other/place\n"
"# cp tcpd /usr/sbin/in.fingerd\n"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"The example assumes that the network daemons live in /usr/sbin. On some "
"systems, network daemons live in /usr/sbin or in /usr/libexec, or have no "
"`in.\\' prefix to their name."
msgstr ""
#. type: SH
#: debian-bookworm debian-unstable
#, no-wrap
msgid "EXAMPLE 2"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"This example applies when I<tcpd> expects that the network daemons are left "
"in their original place."
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"In order to monitor access to the I<finger> service, perform the following "
"edits on the I<inetd> configuration file (usually I</etc/inetd.conf>):"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
#, no-wrap
msgid "finger stream tcp nowait nobody /usr/sbin/in.fingerd in.fingerd\n"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
#, no-wrap
msgid "becomes:\n"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
#, no-wrap
msgid "finger stream tcp nowait nobody /usr/sbin/tcpd in.fingerd\n"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"The example assumes that the network daemons live in /usr/sbin. On some "
"systems, network daemons live in /usr/sbin or in /usr/libexec, the daemons "
"have no `in.\\' prefix to their name, or there is no userid field in the "
"inetd configuration file."
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"Similar changes will be needed for the other services that are to be covered "
"by I<tcpd>. Send a `kill -HUP\\' to the I<inetd>(8) process to make the "
"changes effective."
msgstr ""
#. type: SH
#: debian-bookworm debian-unstable
#, no-wrap
msgid "EXAMPLE 3"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"In the case of daemons that do not live in a common directory (\"secret\" or "
"otherwise), edit the I<inetd> configuration file so that it specifies an "
"absolute path name for the process name field. For example:"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
#, no-wrap
msgid " ntalk dgram udp wait root /usr/sbin/tcpd /usr/local/lib/ntalkd\n"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"Only the last component (ntalkd) of the pathname will be used for access "
"control and logging."
msgstr ""
#. type: SH
#: debian-bookworm debian-unstable
#, no-wrap
msgid "BUGS"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"Some UDP (and RPC) daemons linger around for a while after they have "
"finished their work, in case another request comes in. In the inetd "
"configuration file these services are registered with the I<wait> option. "
"Only the request that started such a daemon will be logged."
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"The program does not work with RPC services over TCP. These services are "
"registered as I<rpc/tcp> in the inetd configuration file. The only non-"
"trivial service that is affected by this limitation is I<rexd>, which is "
"used by the I<on(1)> command. This is no great loss. On most systems, "
"I<rexd> is less secure than a wildcard in /etc/hosts.equiv."
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"RPC broadcast requests (for example: I<rwall, rup, rusers>) always appear to "
"come from the responding host. What happens is that the client broadcasts "
"the request to all I<portmap> daemons on its network; each I<portmap> daemon "
"forwards the request to a local daemon. As far as the I<rwall> etc. daemons "
"know, the request comes from the local host."
msgstr ""
#. type: SH
#: debian-bookworm debian-unstable
#, no-wrap
msgid "FILES"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid "The default locations of the host access control tables are:"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid "/etc/hosts.allow"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid "/etc/hosts.deny"
msgstr ""
#. type: SH
#: debian-bookworm debian-unstable
#, no-wrap
msgid "SEE ALSO"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
#, no-wrap
msgid ""
"hosts_access(3), functions provided by the libwrap library.\n"
"hosts_access(5), format of the tcpd access control tables.\n"
"syslog.conf(5), format of the syslogd control file.\n"
"inetd.conf(5), format of the inetd control file.\n"
msgstr ""
#. type: SH
#: debian-bookworm debian-unstable
#, no-wrap
msgid "AUTHORS"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
#, no-wrap
msgid ""
"Wietse Venema (wietse@wzv.win.tue.nl),\n"
"Department of Mathematics and Computing Science,\n"
"Eindhoven University of Technology\n"
"Den Dolech 2, P.O. Box 513, \n"
"5600 MB Eindhoven, The Netherlands\n"
msgstr ""