"The basic idea of TCP Wrappers is to provide wrapper daemons
that can be installed without any changes to existing software.
Most TCP/IP applications depend on the client/server model: that
is, when a connection is requested by a client, a server process is
started on the host to deal with this. TCP Wrappers works by
interposing an additional layer, or wrapper, between client and
server. In the basic service, the wrapper simply logs the name of
the client host and of the requested service, then hands over to
the real daemon, neither exchanging information with the client or
server, nor imposing overhead on the actual conversation between
the two. Optional features may be enabled, including: access
control; client user name lookups; and additional protection
against hostname spoofing..."