diff --git a/README.md b/README.md
index 4430f20..a8804ed 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
 # accept-guard
-Service access control by wrapping the Linux `accept()`, `recvfrom()`,
-and `recvmsg()` system calls, for TCP and UDP respectively.
+Service access control (ACL) by wrapping the Linux `accept()`, `recv()`,
+`recvfrom()`, and `recvmsg()` system calls, for TCP and UDP.
 The accept guard wrapper allows access to services based on a list of interfaces and ports. It is loaded using the `LD_PRELOAD` environment
diff --git a/accept-guard.c b/accept-guard.c
index dd39157..35a8ed9 100644
--- a/accept-guard.c
+++ b/accept-guard.c
@@ -46,6 +46,7 @@ struct acl {
 static struct acl acl[MAX_IFACES];
 static int (*org_accept) (int, struct sockaddr *, socklen_t *);
+static ssize_t (*org_recv) (int, void *, size_t, int);
 static ssize_t (*org_recvfrom) (int, void *, size_t, int, struct sockaddr *, socklen_t *);
 static ssize_t (*org_recvmsg) (int, struct msghdr *, int);
@@ -287,6 +288,19 @@ static ssize_t do_recv(int sd, int rc, int flags, int ifindex)
 return rc;
 }
+ssize_t recv(int sd, void *buf, size_t len, int flags)
+{
+ int ifindex;
+
+ org_recv = dlsym(RTLD_NEXT, "recv");
+ org_recvfrom = dlsym(RTLD_NEXT, "recvfrom");
+ org_recvmsg = dlsym(RTLD_NEXT, "recvmsg");
+
+ ifindex = peek_ifindex(sd);
+
+ return do_recv(sd, org_recv(sd, buf, len, flags), flags, ifindex);
+}
+
 ssize_t recvfrom(int sd, void *buf, size_t len, int flags, struct sockaddr *addr, socklen_t *addrlen)
 {
 int ifindex;
diff --git a/test/client.c b/test/client.c
index 6a1fc72..e23e143 100644
--- a/test/client.c
+++ b/test/client.c
@@ -65,7 +65,7 @@ void tcp(int family, char *addr, char *port)
 if (len == -1)
 err(1, "Failed communicating with server at %s:%s", addr, port);
- len = read(sd, buf, sizeof(buf));
+ len = recv(sd, buf, sizeof(buf), 0);
 if (len <= 0) {
 usleep(10000);
 err(1, "Failed reading response from server at %s:%s", addr, port);
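Review bot: The new `recv()` wrapper in accept-guard.c calls `org_recv` without checking what `dlsym(RTLD_NEXT, "recv")` returned, so a failed lookup turns into a NULL function-pointer call in every process that preloads the guard. All three pointers are also re-resolved and rewritten on each call, which is wasted work and an unsynchronised write to file-scope state in threaded servers; resolving once and failing closed fits an access-control shim better, e.g. `if (!org_recv) org_recv = dlsym(RTLD_NEXT, "recv");` followed by `if (!org_recv) { errno = ENOSYS; return -1; }` (assuming `<errno.h>` is available in this file). Separately, `org_recv()` returns `ssize_t` but the value is passed to `do_recv()`'s `int rc` parameter shown in the hunk header, which narrows it; widening that parameter would avoid the truncation. The bodies of `do_recv()` and `recvfrom()` lie outside the hunk, so whether the sibling wrappers share the lookup pattern could not be checked here.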
diff --git a/test/server.c b/test/server.c
index f08cec7..f5a3eef 100644
--- a/test/server.c
+++ b/test/server.c
@@ -80,7 +80,7 @@ void tcp(int family, char *port)
 continue;
 }
- n = read(client, buf, sizeof(buf));
+ n = recv(client, buf, sizeof(buf), 0);
 if (n == -1) {
 warn("Failed reading from client socket");
 continue;