Installing a firewall - sgi_fam problem

[Adrian Burd <adrian nhalodule tamu edu>]

Following a recent thread on this list, I've set about installing a simple
firewall on my machine. I've switched off ipchains (I'll eventually have
iptables set up), but keep getting the following in /var/log/secure

Mar  4 10:44:30 plankton xinetd[850]: START: sgi_fam pid=1233 from=0.0.0.0
Mar  4 10:44:31 plankton xinetd[1233]: FAIL: sgi_fam libwrap from=0.0.0.0

which repeats several times, then appears again a few hours later. In 
/var/log/messages, I get the following:

Mar  4 10:44:30 plankton xinetd[1233]: warning: can't get client address:Transport endpoint is not connected
Mar  4 10:44:31 plankton xinetd[1233]: libwrap refused connection to  sgi_fam from 0.0.0.0

I don't see where the IP address 0.0.0.0 should be coming from. In
xinetd.d/sgi_fam, I have 

service sgi_fam
{
	type         = RPC UNLISTED
        socket_type  = stream
        user         = root
        group        = nobody
        server       = /usr/bin/fam
	wait	     = yes
	protocol     = tcp
	rpc_version  = 2
	rpc_number   = 391002
	bind         = 127.0.0.1
}

and I've set 

 local_only = true

in fam.conf. My hosts.deny is set to ALL: ALL and my hosts.allow has

ALL: 127.0.0.1
ALL: <a trusted host>
sshd: <a trusted host>
sendmail: ALL
sgi_fam: ALL


Does anyone have any suggestions as to why I'm getting these warning and
error messages in the log files? I've spent a couple of hours hunting on
the net without any luck.

Thanks,

Adrian


Adrian Burd, Dpt. of Marine Sciences, University of Georgia.
706-542-1604 (office)
706-372-4549 (cell)


http://www-ocean.tamu.edu/~ecomodel