144743Smarkm# @(#) Banners.Makefile 1.3 97/02/12 02:13:18 244743Smarkm# 344743Smarkm# Install this file as the Makefile in your directory with banner files. 444743Smarkm# It will convert a prototype banner text to a form that is suitable for 544743Smarkm# the ftp, telnet, rlogin, and other services. 644743Smarkm# 744743Smarkm# You'll have to comment out the IN definition below if your daemon 844743Smarkm# names don't start with `in.'. 944743Smarkm# 1044743Smarkm# The prototype text should live in the banners directory, as a file with 1144743Smarkm# the name "prototype". In the prototype text you can use %<character> 1244743Smarkm# sequences as described in the hosts_access.5 manual page (`nroff -man' 1344743Smarkm# format). The sequences will be expanded while the banner message is 1444743Smarkm# sent to the client. For example: 1544743Smarkm# 1644743Smarkm# Hello %u@%h, what brings you here? 1744743Smarkm# 1844743Smarkm# Expands to: Hello username@hostname, what brings you here? Note: the 1944743Smarkm# use of %u forces a client username lookup. 2044743Smarkm# 2144743Smarkm# In order to use banners, build the tcp wrapper with -DPROCESS_OPTIONS 2244743Smarkm# and use hosts.allow rules like this: 2344743Smarkm# 2444743Smarkm# daemons ... : clients ... : banners /some/directory ... 2544743Smarkm# 2644743Smarkm# Of course, nothing prevents you from using multiple banner directories. 2744743Smarkm# For example, one banner directory for clients that are granted service, 2844743Smarkm# one banner directory for rejected clients, and one banner directory for 2944743Smarkm# clients with a hostname problem. 3044743Smarkm# 3144743SmarkmSHELL = /bin/sh 3244743SmarkmIN = in. 3344743SmarkmBANNERS = $(IN)telnetd $(IN)ftpd $(IN)rlogind # $(IN)fingerd $(IN)rshd 3444743Smarkm 3544743Smarkmall: $(BANNERS) 3644743Smarkm 3744743Smarkm$(IN)telnetd: prototype 3844743Smarkm cp prototype $@ 3944743Smarkm chmod 644 $@ 4044743Smarkm 4144743Smarkm$(IN)ftpd: prototype 4244743Smarkm sed 's/^/220-/' prototype > $@ 4344743Smarkm chmod 644 $@ 4444743Smarkm 4544743Smarkm$(IN)rlogind: prototype nul 4644743Smarkm ( ./nul ; cat prototype ) > $@ 4744743Smarkm chmod 644 $@ 4844743Smarkm 4944743Smarkm# Other services: banners may interfere with normal operation 5044743Smarkm# so they should probably be used only when refusing service. 5144743Smarkm# In particular, banners don't work with standard rsh daemons. 5244743Smarkm# You would have to use an rshd that has built-in tcp wrapper 5344743Smarkm# support, for example the rshd that is part of the logdaemon 5444743Smarkm# utilities. 5544743Smarkm 5644743Smarkm$(IN)fingerd: prototype 5744743Smarkm cp prototype $@ 5844743Smarkm chmod 644 $@ 5944743Smarkm 6044743Smarkm$(IN)rshd: prototype nul 6144743Smarkm ( ./nul ; cat prototype ) > $@ 6244743Smarkm chmod 644 $@ 6344743Smarkm 6444743Smarkm# In case no /dev/zero available, let's hope they have at least 6544743Smarkm# a C compiler of some sort. 6644743Smarkm 6744743Smarkmnul: 6844743Smarkm echo 'main() { write(1,"",1); return(0); }' >nul.c 6944743Smarkm $(CC) $(CFLAGS) -s -o nul nul.c 7044743Smarkm rm -f nul.c 71