On Fri, Jun 04, 1999 at 08:43:41AM -0600, Robert Giles wrote:
| I've looked high and low, but can't seem to find out if it's possible
| to disable ident/hostname logging for a particular service in inetd
| (qpopper). The reverse lookups take ages and I'd like to speed things
| up - but ident/hostname logging is still required for telnet & ftp.
|
| Standalone operation is something I've considered, but I'd rather have
| this thing running in inetd with tcpd for security reasons.
I'm pretty sure you can't do what you're talking about on a service by
service level ... however ... you do have a few other options.
1) I do believe you can disable DNS lookups in tcp_wrappers entirely
(but I'm not positive about this.) Get the source, look at Makefile
and make some changes. Compile. Take the tcpd it creates, and call
it tcpd2 or something, and put that next to your original tcpd. Edit
your inetd.conf lines for your qpopper service, changing the tcpd to
tcpd2. Restart inetd, see how it works.
2) Running your own local caching DNS server will probably speed
things up a lot (once you make your system actually use it, of
course.) And this is probably overkill, but if the qpopper requests
always come in from the same subnet, you could set your caching DNS
server up as a secondary for that subnet, and then the lookups will be
next to instantaneous.
Personally, I suggest #2. I've had similar problems in the past, and
it fixed it.
--
Doug McLaren, [EMAIL PROTECTED]
---------------------------------------------------------------------------
Send administrative requests to [EMAIL PROTECTED]
