/etc/inetd.conf

The inetd(8) daemon handles connections for less frequently used Internet services. For example, because most systems don't have a steady stream of incoming FTP requests, there's no need for the additional overhead of an FTP daemon listening when it's going to be idle 99.9 percent of the time. Instead, inetd(8) listens on the FTP port. When an FTP request comes in, inetd starts up the FTP daemon and hands it the request. The inetd.conf file configures which port inetd listens on, what service it handles, which programs are started to handle incoming requests, and how those programs are started. Each service has its own line.

Inetd also handles functions that are so small and rarely used that they're easier to implement within inetd rather than write an external program for them. This includes things such as the "echo" service, which just repeats anything you send to it, or the "daytime" service that just prints out the date. These are disabled by default, but can be enabled if you wish. The standard /etc/inetd.conf provides entries for many of the integrated programs included in OpenBSD, such as the pop3 daemon popa3d.

Most daemons have separate configuration lines for IP and IPv6, so if you're not running IPv6, you can ignore all those entries. Let's look at the provided pop3 daemon configuration.

 (1) # (2) pop3  (3) stream  (4) tcp  (5) nowait  (6) root  (7) /usr/sbin/popa3d  (8) popa3d

First, the (1) pound sign shows that this entry is commented out; it will not have any effect until it is uncommented and inetd(8) is restarted.

Service Name and Address

Then we have the (2) service name and address. The name must match a name in /etc/services. Inetd relies upon the service name to determine which TCP or UDP port to bind to.

As an OpenBSD-specific feature you can specify an address or host name before the service name, separated by a colon. This tells inetd(8) which IP address to bind to. For example, to run the POP3 service on 192.168.87.44, we would use something very much like the line above but specify the address with the service name.

 192.168.87.44:pop3  stream tcp  nowait  root  /usr/sbin/popa3d   popa3d 

You can provide multiple addresses, separated by commas, on a single line. If you don't specify a host name or address, inetd will bind to all available IP addresses on the specified port.

If you want inetd to listen only on a specific IP address for all services, you can specify that IP address on a line by itself, followed by a colon. This then becomes the default IP address that inetd(8) listens on for all following entries. For example, putting this at the top of your file tells inetd to attach to only the given IP address unless told otherwise.

 192.168.87.44: 

You can actually change the default IP address inetd listens on partway through the file. Suppose you have several inetd services that you want to listen on the IP address 192.168.87.44 and several others that you want to listen on the IP address 192.168.87.45. You could do this in your configuration:

 192.168.87.44:
 ... [configure inetd services that listen on 192.168.87.44 here] ...
 192.168.87.45:
 ... [configure inetd services that listen on 192.168.87.45 here] ...

You can override these defaults on any single entry just by specifying your preferred IP. If you want to explicitly tell inetd(8) to listen on all available IP addresses, give an asterisk as the IP address. Following lines will obey the default.

Network and Daemon Configuration

The next field gives the (3) socket type. All TCP connections are type "stream," while UDP connections are type "dgram." There are other possible values, but these are the most common.

We then have the (4) protocol, which must be a valid protocol from /etc/protocols. The most common are "tcp," "udp," "tcp6," and "udp6." The tcp6 and udp6 protocols are explicitly for IPv6 connections. The "udp" and "tcp" protocol types are used for the default networking protocol the system supports, generally IPv4.

The (5) next field indicates whether inetd(8) should wait for the particular service to accept the connection, or just start the program and go away. As a general rule, TCP programs use "nowait," while UDP programs need "wait." Check the documentation for your particular program to be certain. You can rate-limit the connections a daemon will accept by putting a dot and the number of connections per second after the wait or nowait statement. The default limit is 256 connections per service per second. Here, we limit our pop3 to 128 connections per second.

 pop3  stream  tcp     nowait.128  root /usr/sbin/popa3d   popa3d 

You can rate-limit connections across all of inetd(8) by starting the service with the "-R" option, as discussed in the manual page.

The next field lists the (6) user the daemon runs as. The POP3 server must run as root, because it must access files belonging to many different users. We then have the (7) full path to the program that inetd(8) will execute. Finally, we give (8) how the program is called. If you want to use any command-line arguments for the service program, put them here.

For full information, see inetd(8).
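
When reviewing a long inetd.conf it helps to resolve, for every active entry, which addresses it really binds to once default-address lines, per-entry overrides, the asterisk and comma-separated lists are applied. The Python sketch below is an added example, not code from the book or from OpenBSD; the sample file is constructed, parse_inetd and exposed_root are hypothetical helper names, and addresses are assumed to be IPv4 addresses or host names.

```python
# Added example: resolve the effective bind addresses of inetd.conf entries.
# SAMPLE is constructed; "internal" marks a service built into inetd itself.
SAMPLE = """\
#pop3 stream tcp nowait root /usr/sbin/popa3d popa3d
192.168.87.44:
pop3 stream tcp nowait.128 root /usr/sbin/popa3d popa3d
192.168.87.45:
*:daytime stream tcp nowait root internal
192.168.87.44,192.168.87.45:ftp stream tcp nowait root /usr/libexec/ftpd ftpd
echo dgram udp wait root internal
"""

def parse_inetd(text):
    """Return one dict per active entry, with its bind addresses resolved."""
    default = "*"                       # no address given: all addresses
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                    # blank or commented-out entry
        fields = line.split()
        host, colon, service = fields[0].rpartition(":")
        if colon and not service:       # "address:" alone sets a new default
            default = host or "*"
            continue
        if len(fields) < 6:
            raise ValueError(f"incomplete entry: {raw!r}")
        wait, _, limit = fields[3].partition(".")   # e.g. "nowait.128"
        entries.append({
            "service": service,
            # A per-entry address overrides the default for this line only.
            "addresses": (host if colon else default).split(","),
            "socktype": fields[1],
            "proto": fields[2],
            "wait": wait,
            "limit": int(limit) if limit else None,  # None: inetd's default
            "user": fields[4],
            "program": fields[5],
            "argv": fields[6:],
        })
    return entries

def exposed_root(entries):
    """Services that run as root while bound to every address."""
    return [e["service"] for e in entries
            if e["user"] == "root" and "*" in e["addresses"]]

if __name__ == "__main__":
    for e in parse_inetd(SAMPLE):
        print(e["service"], e["addresses"], e["user"], e["limit"])
```

Here exposed_root() reports only daytime: the asterisk override puts it on every address even though the file sets a default, while the echo entry that follows falls back to 192.168.87.45.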




Absolute OpenBSD: Unix for the Practical Paranoid
ISBN: 1886411999
EAN: 2147483647
Year: 2005
Pages: 298
