[Eug-lug] Wrapping for Access Control

[Jeff_W]

I'm trying to figure out how I can use TCP Wrappers to provide
rudimentary access control for a python-based network service
(PYGopherd). I've read a bunch of man pages and How-Tos on the web
and have concluded that in order to get TCP Wrappers to provide
access control there needs to be a wrapper for it and/or it needs
to run out of inetd (this is a BSD system w/ tcpd's functions
integrated into inetd). I've yet to come across some simple
instructions for creating such a wrapper; tests done with simply
adding PYG to /etc/services & /etc/inetd.conf and restarting have
been unsuccessful - PYG starts & stops OK but connections produce
this:

# Traceback (most recent call last):  File "/usr/pkg/bin/pygopherd", line 30, in
# ?
#     s = initialization.initeverything(conffile)
#   File "/usr/pkg/lib/python2.3/site-packages/pygopherd/initialization.py", line
#  187, in initeverything
#     s = getserverobject(config)
#   File "/usr/pkg/lib/python2.3/site-packages/pygopherd/initialization.py", line
#  120, in getserverobject
#     GopherRequestHandler)
#   File "/usr/pkg/lib/python2.3/SocketServer.py", line 330, in __init__
#     self.server_bind()
#   File "/usr/pkg/lib/python2.3/site-packages/pygopherd/initialization.py", line
#  100, in server_bind
#     servertype.server_bind(self)
#   File "/usr/pkg/lib/python2.3/SocketServer.py", line 341, in server_bind
#     self.socket.bind(self.server_address)
#   File "<string>", line 1, in bind
# socket.error: (48, 'Address already in use')


Having forgotten anything I might have learned about python, I really
can't make much of this except that it appears the socket/port is
not available to the application (maybe because inetd is listening
on it?).

Anyways, is there some easy way of "wrapping" PYG for use w/ TCP
Wrappers or do I need to look at something else like IP Filter,
etc. ?

-Jeff