Inetd, tcpwrapper

Revision as of 16:50, 31 March 2020 by Mond (talk | contribs) (inetd)

Motivation

A server is often used only rarely, but because it needs to accept connections it must be running all the time. This consumes some memory. For simple servers that are only used once in a while, there is a nice solution: inetd. This is a small and simple server that listens on the configured ports and starts the matching server program as soon as a connection comes in. This also enables you to write simple servers as shell scripts.

inetd

Unfortunately, there are different versions of inetd. inetutils-inetd and openbsd-inetd are rather similar, while xinetd has a different syntax.

Here is an example of using openbsd-inetd.

inetd reads its configuration from the file /etc/inetd.conf

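# service  socket-type  protocol  wait-flag  user  program  arguments (starting with argv[0])
110 stream tcp nowait root /usr/sbin/in.pop3d in.pop3d
4567 stream tcp nowait nobody /bin/nc nc -t 192.168.1.41 80
5555 stream tcp nowait nobody /usr/local/bin/mytest.sh mytest.sh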

The example config file above opens 3 ports: 110, 4567 and 5555. On port 110 it starts an inetd-aware ("inetified") version of the pop3 program that allows you to access your mailbox on that server. The server is started as user "root" here.

On port 4567 it starts the netcat program (nc), which connects to port 80 of an internal host. This could be used to forward an internal webserver to port 4567 on a firewall. This is a poor man's version of DNAT. It has the disadvantage that the internal server does not see the outside IP address of the client; every connection appears to come from the host running inetd.

The last example starts a shell script as user "nobody". See below for an example.

With inetd you have the advantage that the server is only started on demand. The downside is that a process is started for each incoming connection, so performance suffers under heavy load.
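A small lint for the inetd.conf layout described above, added here as an example (it is not part of the original page or of any inetd package). The function names audit_inetd_conf and sample_conf and the sample file are constructed for illustration; the script assumes the openbsd-inetd field order, in which the arguments after the program path start with argv[0].

```shell
#!/bin/sh
# Added example: lint inetd.conf-style lines (openbsd-inetd field order assumed).
# Fields: service socket-type protocol wait-flag user program [argv0 args...]

audit_inetd_conf() {
    # $1 = path to an inetd.conf file; prints one finding per problem found
    awk '
    /^[ \t]*#/ || NF == 0 { next }              # skip comments and blank lines
    {
        if (NF < 6) {
            printf "line %d: ERROR only %d fields, need at least 6\n", NR, NF
            next
        }
        flag = $4; sub(/\..*$/, "", flag)        # allow a ".max" suffix such as nowait.400
        if (flag != "wait" && flag != "nowait")
            printf "line %d: ERROR wait flag \"%s\" is not wait or nowait\n", NR, $4
        user = $5; sub(/[:.].*$/, "", user)      # strip an optional group part
        if (user == "root")
            printf "line %d: WARN service %s runs as root\n", NR, $1
        if ($6 != "internal" && NF >= 7) {
            n = split($6, p, "/")                # p[n] is the program base name
            if ($7 != p[n])
                printf "line %d: WARN argv[0] is \"%s\", expected \"%s\"\n", NR, $7, p[n]
        }
    }' "$1"
}

sample_conf() {
    # Constructed sample with a root service, a missing argv[0] and a misspelled flag
    cat <<'EOF'
# constructed sample, not taken from a real host
110 stream tcp nowait root /usr/sbin/in.pop3d in.pop3d
4567 stream tcp nowait nobody /bin/nc -t 192.168.1.41 80
5555 stream tcp noweit nobody /usr/local/bin/mytest.sh mytest.sh
EOF
}

# Run the lint over the constructed sample
conf=$(mktemp) && sample_conf > "$conf" && audit_inetd_conf "$conf"
rm -f "$conf"
```

On the second sample line the "-t" is consumed as argv[0], so nc would run without that option; the lint flags this as a mismatch between argv[0] and the program name.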