Commit Graph

39 Commits

Author SHA1 Message Date
Brian Feldman
2404a15a12 Correct a groff error in macro usage ("foo : bar" becomes "``foo: bar''").
Document the auth -n flag.
1999-07-24 17:11:50 +00:00
Sheldon Hearn
3467b84849 Document the -o and -t options to the internal auth service and give an
example of their usage in the sample config. Merge the two examples
for the green internal auth service.

This commit failed the first time around because Brian beat me to the
punch on inetd.8 . I like my descriptions better and I'm pretty sure
Brian won't mind.
1999-07-23 15:49:34 +00:00
Brian Feldman
763c487788 As per DES's prodding, document _all_ the arguments to inetd's auth
service. This includes the -o "operating system" argument and the -t
"timeout" argument.
1999-07-23 15:37:39 +00:00
Sheldon Hearn
2ab0563dfe Document the new {auth,ident,tap} service and provide examples in the
configuration file.

Requested by:	green
1999-07-16 15:41:14 +00:00
Brian Feldman
715400fa2a Fix ``:''.
PR:		12589
1999-07-11 08:32:24 +00:00
Sheldon Hearn
10d03f50ad Allow internal and external wrapping to be enabled independantly of
each other. Instead of allowing the -w option to be specified twice,
we now take -w (wrap external) and -W (wrap internal).

Discussed with:	markm
1999-07-09 11:19:01 +00:00
Sheldon Hearn
eb0fde47f8 Allow service alias names from /etc/services to be used when specifying
internal services in inetd.conf .

The inetd(8) manpage used to say that the official name of a service
_must_ be used, yet inetd itself was hardcoded to used a service alias for
the auth service, namely ident!

Rather than change inetd.conf and break existing configurations on next
upgrade, we now allow service aliases as well as official names. This
allows the software to work as expected and still support existing
configurations.

This should not breaking existing wrapped configurations either and the
inetd(8) manpage already states that it is the service name specified in
inetd.conf that is used for calls to hosts_access(3).

PR:	11796
Reported by:	Alex Charalabidis <alex@wnm.net>
Approved by:	des
1999-07-02 16:21:13 +00:00
Sheldon Hearn
27fd1dba4e Clarify that the services name, as specified in inetd.conf, for an
internal service should be used as the daemon name when constructing
hosts_access(5) rules.
1999-07-02 15:58:32 +00:00
Sheldon Hearn
1efeefd521 Ommitted in previous commit message:
Submitted by:	David Malone <dwmalone@maths.tcd.ie>
1999-06-30 23:47:46 +00:00
Sheldon Hearn
c48c2d6d38 Enable wrapping for dgram services and fix logging so that -l really
does log all connections.
1999-06-30 23:36:39 +00:00
Sheldon Hearn
6e4989b255 Fix the SYNOPSIS to reflect that the -w option can be specified twice.
Requested by:	obrien
Approved by:	mpp
1999-06-27 21:07:55 +00:00
Sheldon Hearn
54f5ebed00 Add command-line option (-w), specified once to enable wrapping and
twice to enable wrapping for internal wrapping as well. If the option is
not specified wrapping is turned off so that inetd will behave exactly
as it used to before TCP Wrappers was imported.

Change etc/defaults/rc.conf so as to encourage wrapping on new systems.

Clarify the use of TCP Wrappers in the IMPLEMENTATION NOTES of the
manual page.

Approved by:	jkh
1999-06-27 18:05:34 +00:00
Sheldon Hearn
274811a772 Use Dq mdoc tag for double-quoted words. 1999-06-21 11:43:13 +00:00
Sheldon Hearn
1181cf3c52 Various fixes for inetd's TCP Wrappers support:
1) Handle forking and non-forking internal services correctly.
	   Turn on wrapping for internal services because it works now.
	2) Preserve server names for each service on HUP.
	3) Honour hosts_options(5) severity option.
	4) Add IMPLEMENTATION NOTES section to clarify TCP Wrappers
	   usage and limitations.

This change may cause previously allowed builtin services (e.g. daytime)
to be denied in existing configurations.

PR:	12097
Reviewed by:	markm
1)
Reported by:	Pierre Beyssac <pb@fasterix.freenix.org>
2)
Submitted by:	Masachika ISHIZUKA <ishizuka@ish.org>
3)
Submitted by:	David Malone <dwmalone@maths.tcd.ie>
1999-06-17 09:16:08 +00:00
David E. O'Brien
fad9a47729 MFS: sort reference list and embelish history. 1999-05-01 22:03:00 +00:00
Mark Murray
d06590a52b Fix the "internal" wrapping as well as a nasty bug involving
the daemon name vs the path. Also fix some warnings and improve
the wrapper section of the man page.

Nice debugging work by:	Sheldon Hearn
1999-04-11 09:22:17 +00:00
Mark Murray
9980037e50 Now inetd(8) has direct support for tcp_wrappers! Not working at the
moment is support for the internal serfvices, so these are not
enabled. Volunteers welcome!
1999-03-28 10:50:30 +00:00
Poul-Henning Kamp
1499abeef4 Spelling fixes.
PR:		6903
Reviewed by:	phk
Submitted by:	Josh Gilliam <josh@quick.net>
1998-06-10 12:34:27 +00:00
Pierre Beyssac
40907429e4 Small typo in T/TCP patch ("speicfy" -> "specify"). 1998-05-15 19:16:35 +00:00
Guido van Rooij
c6c38f1d7f On request of Garrett, ad a way to specify that a service should be
reachable via T/TCP
Reviewed by:	Garrett Wollman
1998-05-14 20:26:16 +00:00
Garrett Wollman
10ad031e1d Document the requirement for TCPMUX to also be enabled as an internal
service if any external TCPMUX servers are desired.

PR: 826
1998-04-13 15:05:14 +00:00
Paul Traina
ffb7094ed2 Make maxchild and max child-per-minute default values configurable from
the command line or Makefile.
1998-02-24 21:55:14 +00:00
Dima Ruban
3e2e58f12e Add possibility to specify maximum number of connections per minute
for a given IP address.
This should be very effective against DoS attacks.
1997-10-29 21:49:04 +00:00
Andrey A. Chernov
b34683ca29 Implement group part now, final syntax is:
user[:group][/login-class]
1997-10-28 13:46:52 +00:00
Andrey A. Chernov
186a5319ff Implement login classes sepcification as user[/loginclass]
By default inetd run things with the same limits as from /etc/rc
(daemon class) to not break anything as in good old days.
1997-10-27 22:03:47 +00:00
Philippe Charnier
c1a2e93e94 Use err(3). 1997-09-19 06:27:30 +00:00
Peter Wemm
476602a9d0 Revert $FreeBSD$ to $Id$ 1997-02-22 16:15:28 +00:00
Wolfram Schneider
bfd34a4a60 Sort cross references. 1997-01-20 00:03:00 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
Julian Elischer
0661be0b5d Reviewed by: Bill fenner
Submitted by:	Archie Cobbs (Archie@whistle.com)

Changes to allow inted to control the number of servers to
start on each service. This is a defence against a denial of service attack
in which the system is made unusable by
an external party. It also allows the behaviour of
small memory systems to be more accuratly predicted, by
bounding the extent to which processes can multiply.
1996-11-10 21:12:44 +00:00
Julian Elischer
7356460fe3 Reviewed by: various
Submitted by:	archie@whistle.com

changes to allow inetd to bind to a single interface
for more complicated options see xinetd in ports.

Obtained from: whistle.com
1996-08-09 22:20:24 +00:00
Garrett Wollman
e50d775901 Call setsockopt(SO_PRIVSTATE) to renounce SS_PRIV on all the sockets
we create.  (Nothing being called from inetd should use it anyway,
but you can never be too careful.)

Translate the man page back into -mdoc.
1996-02-07 17:15:01 +00:00
Mike Pritchard
4a8d02835c Fix a bunch of spelling errors in a bunch of man pages. 1996-01-30 13:52:50 +00:00
Garrett Wollman
9fe96cbb6d Record PID in /var/run/inetd.pid and document same. 1995-10-12 16:43:27 +00:00
David Greenman
ee812eb286 Correct the "default rate" - it's 256/minute not 1000/minute. 1995-10-09 23:34:07 +00:00
Garrett Wollman
71704f34b1 Disable UDP service looping attack. 1994-12-21 19:08:45 +00:00
Geoff Rehmet
bee39b42f3 - increase TOOMANY, in line with 1.x
- add logging option from 1.x
1994-09-11 11:16:32 +00:00
Geoff Rehmet
55b91f3ab6 Bring in handling of RPC services from 1.x
(Guess who forgot to replace his inetd until today ;-)
1994-09-11 10:48:02 +00:00
Rodney W. Grimes
dea673e932 BSD 4.4 Lite usr.sbin Sources 1994-05-26 05:23:31 +00:00