xinetd can use /etc/hosts.deny. The following syntax has been acceptable to the wrappers for years. in.ftpd:ALL:twist /bin/echo "421 host (%h) does not have access to %s"; /usr/local/etc/tcpd_report %d %u %h where tcpd_report is just a mail announcement script. /var/log/messages reports: Dec 4 13:19:38 bryce xinetd[22167]: error: /etc/hosts.deny, line 21: twist option in resident process Dec 4 13:19:38 bryce xinetd[22167]: refused connect from 139.88.189.233 replacing twist with spawn works. using ftp for test.
Confirmed... it works once, then xinetd exits. Looking into it.
This is fixed in xinetd-2.1.8.9pre14-1, coming soon to a Rawhide near you.