I thought we had put this problem to bed, but it has reared its ugly
head again. We want to explicitly allow a number of certain IP addresses
to telnet in to our 3Ks. A minor change to our inetdsec file uncovered
that it was not linked to its POSIX name space /etc/adm/inetd.sec;
linking it hosed access. It seems that a 'telnet allow' will take as
many arguments as one can enter on one line. The end of line
continuation character does not seem to work on the 3K, and only the
last telnet allow line is used. I discussed this with our admin people,
who agreed that this seems to work great on the 9K, and that it seems
reasonable to assume that telnet on the 3K is more or less a port of
what works on the 9K, and that HP could be expected to get this right.
Our admin people called HPRC, and they acknowledged that this does seem
to be a problem with the implementation of inetd.

I know that there are other things we can do, and we do some of those
other things, and I want us to do most if not all of those other things,
as I tend to distrust single layers of security (and no, I don't usually
wear a belt and suspenders). I want to get this to work. Does anyone
know if this is an honest-to-goodness bug, and we just have to wait for
it to get fixed, or is there some magic incantation or obscure work
around to explicitly allow only (a number of) certain addresses thru in
the inetd security file?