Make maxchild and max child-per-minute default values configurable from

the command line or Makefile.

usr.sbin/inetd/inetd.8

@@ -30,7 +30,7 @@
 .\" SUCH DAMAGE.
 .\"
 .\"     from: @(#)inetd.8	8.3 (Berkeley) 4/13/94
-.\"	$Id: inetd.8,v 1.16 1997/10/28 13:46:51 ache Exp $
+.\"	$Id: inetd.8,v 1.17 1997/10/29 21:49:02 dima Exp $
 .\"
 .Dd February 7, 1996
 .Dt INETD 8
@@ -43,9 +43,11 @@
 .Nm inetd
 .Op Fl d
 .Op Fl l
-.Op Fl R Ar rate
+.Op Fl c Ar maximum
+.Op Fl C Ar rate
 .Op Fl a Ar address
 .Op Fl p Ar filename
+.Op Fl R Ar rate
 .Op Ar configuration file
 .Sh DESCRIPTION
 The
@@ -76,6 +78,15 @@ The following options are available:
 Turn on debugging.
 .It Fl l
 Turn on logging.
+.It Fl c Ar maximum
+Specify the default maximum number of services that can be invoked.
+May be overridden on a per-service basis with the "max-child"
+parameter.
+.It Fl C Ar rate
+Specify the default maximum number of times a service can be invoked
+from a single IP address in one minute; the default is unlimited.
+May be overridden on a per-service basis with the
+"max-connections-per-ip-per-minute" parameter.
 .It Fl R Ar rate
 Specify the maximum number of times a service can be invoked
 in one minute; the default is 256.

usr.sbin/inetd/inetd.c

@@ -42,7 +42,7 @@ static const char copyright[] =
 static char sccsid[] = "@(#)from: inetd.c	8.4 (Berkeley) 4/13/94";
 #endif
 static const char rcsid[] =
-	"$Id: inetd.c,v 1.28 1997/10/28 13:46:52 ache Exp $";
+	"$Id: inetd.c,v 1.29 1997/10/29 21:49:04 dima Exp $";
 #endif /* not lint */
 
 /*
@@ -141,6 +141,17 @@ static const char rcsid[] =
 
 #include "pathnames.h"
 
+#ifndef	MAXCHILD
+#define	MAXCHILD	-1		/* maximum number of this service
+					   < 0 = no limit */
+#endif
+
+#ifndef	MAXCPM
+#define	MAXCPM		-1		/* rate limit invocations from a
+					   single remote address,
+					   < 0 = no limit */
+#endif
+
 #define	TOOMANY		256		/* don't start more than TOOMANY */
 #define	CNT_INTVL	60		/* servers in CNT_INTVL sec. */
 #define	RETRYTIME	(60*10)		/* retry after bind or server fail */
@@ -155,6 +166,8 @@ fd_set	allsock;
 int	options;
 int	timingout;
 int	toomany = TOOMANY;
+int	maxchild = MAXCPM;
+int	maxcpm = MAXCHILD;
 struct	servent *sp;
 struct	rpcent *rpc;
 struct	in_addr bind_address;
@@ -272,6 +285,23 @@ char	**Argv;
 char 	*LastArg;
 #endif
 
+int
+getvalue(arg, value, whine)
+	char *arg, *whine;
+	int  *value;
+{
+	int  tmp;
+	char *p;
+
+	tmp = strtol(arg, &p, 0);
+	if (tmp < 1 || *p) {
+		syslog(LOG_ERR, whine, arg);
+		return 1;			/* failure */
+	}
+	*value = tmp;
+	return 0;				/* success */
+}
+
 int
 main(argc, argv, envp)
 	int argc;
@@ -303,7 +333,7 @@ main(argc, argv, envp)
 	openlog("inetd", LOG_PID | LOG_NOWAIT, LOG_DAEMON);
 
 	bind_address.s_addr = htonl(INADDR_ANY);
-	while ((ch = getopt(argc, argv, "dlR:a:p:")) != -1)
+	while ((ch = getopt(argc, argv, "dlR:a:c:C:p:")) != -1)
 		switch(ch) {
 		case 'd':
 			debug = 1;
@@ -312,18 +342,18 @@ main(argc, argv, envp)
 		case 'l':
 			log = 1;
 			break;
-		case 'R': {	/* invocation rate */
-			char *p;
-
-			tmpint = strtol(optarg, &p, 0);
-			if (tmpint < 1 || *p)
-				syslog(LOG_ERR,
-			         "-R %s: bad value for service invocation rate",
-					optarg);
-			else
-				toomany = tmpint;
+		case 'R':
+			getvalue(optarg, &toomany,
+				"-R %s: bad value for service invocation rate");
+			break;
+		case 'c':
+			getvalue(optarg, &maxchild,
+				"-c %s: bad value for maximum children");
+			break;
+		case 'C':
+			getvalue(optarg, &maxcpm,
+				"-C %s: bad value for maximum children/minute");
 			break;
-		}
 		case 'a':
 			if (!inet_aton(optarg, &bind_address)) {
 				syslog(LOG_ERR,
@@ -338,6 +368,7 @@ main(argc, argv, envp)
 		default:
 			syslog(LOG_ERR,
 				"usage: inetd [-dl] [-a address] [-R rate]"
+				" [-c maximum] [-C rate]"
 				" [-p pidfile] [conf-file]");
 			exit(EX_USAGE);
 		}
@@ -1147,8 +1178,8 @@ more:
 			CONFIG, sep->se_service);
 		goto more;
 	}
-	sep->se_maxchild = -1;
-	sep->se_maxcpm = -1;
+	sep->se_maxchild = maxchild;
+	sep->se_maxcpm = maxcpm;
 	if ((s = strchr(arg, '/')) != NULL) {
 		char *eptr;
 		u_long val;
@@ -1874,9 +1905,9 @@ cpmip(sep, ctrl)
 		if (cnt * (CHTSIZE * CHTGRAN) / 60 > sep->se_maxcpm) {
 			r = -1;
 			syslog(LOG_ERR,
-			    "%s from %s exceeded counts/min limit %d/%d",
-			    sep->se_service, inet_ntoa(rsin.sin_addr), cnt,
-			    sep->se_maxcpm );
+			    "%s from %s exceeded counts/min (limit %d/min)",
+			    sep->se_service, inet_ntoa(rsin.sin_addr), 
+			    sep->se_maxcpm);
 		}
 	}
 	return(r);