In addition to basic rules that allow and deny access, the Red Hat Enterprise Linux implementation of TCP Wrappers supports extensions to the access control language through option fields. By using option fields in hosts access rules, administrators can accomplish a variety of tasks such as altering log behavior, consolidating access control, and launching shell commands.
Option fields let administrators easily change the log facility and priority level for a rule by using the severity
directive.
In the following example, connections to the SSH daemon from any host in the example.com
domain are logged to the default authpriv
syslog
facility (because no facility value is specified) with a priority of emerg
:
sshd : .example.com : severity emerg
It is also possible to specify a facility using the severity
option. The following example logs any SSH connection attempts by hosts from the example.com
domain to the local0
facility with a priority of alert
:
sshd : .example.com : severity local0.alert
In practice, this example does not work until the syslog daemon (syslogd
) is configured to log to the local0
facility. Refer to the syslog.conf
man page for information about configuring custom log facilities.