/etc/xinetd.d/swat currently has: only_from = localhost This causes xinetd to do a reverse name lookup for each connection on that service to see if it's canonical name is 'localhost'. For better security it should read: only_from = 127.0.0.1
*** This bug has been marked as a duplicate of 16573 ***
No, this is something different: it's a security problem (DNS spoofing) rather than a confused application.
It's the same fix, however. :)
... and it's fixed in -22.
*** Bug 22995 has been marked as a duplicate of this bug. ***