Network service configuration in Red Hat 7.1

Source: Internet
Author: User
Red Hat 7.1 differs significantly from previous versions: it replaces the original inetd.conf with xinetd.conf and uses a firewall service directly. To enhance overall system security, 7.1 does not start ftp, telnet and other services by default as the old versions did, and the strict ipchains restrictions make configuration troublesome for many users.
To make configuration and use easier, I will describe the configuration process I worked out.
xinetd (eXtended InterNET services daemon) extends the functionality of inetd. For the background of inetd and other related material, if you are interested, see www.xinetd.org or other related websites.
  
The default configuration file of xinetd is /etc/xinetd.conf. It looks completely different from the old /etc/inetd.conf: each service that inetd specified on a single line is expanded into its own configuration file under /etc/xinetd.d/. The format is:
  
service service-name
{
    # TCP/IP socket type, such as stream, dgram, raw, ...
    socket_type = xxx
    # the protocol used by the service
    protocol    = xxx
    # full path of the service daemon
    server      = xxx
    # arguments passed to the daemon
    server_args = xxx
    # port number of the service
    port        = xxx
    # whether the service is single-threaded (yes) or multi-threaded (no)
    wait        = xxx
    # uid of the service process
    user        = xxx
    # gid
    group       = xxx
    # reusable flag
    flags       = REUSE
    # whether the service is disabled (yes/no)
    disable     = yes/no
    ......
}
  
Take ftp and telnet as examples of the configuration process.
In the /etc/xinetd.d directory, edit the ftp and telnet files.
ftp:
service proftpd
{
    disable     = no
    port        = 21
    socket_type = stream
    protocol    = tcp
    user        = root
    server      = /usr/local/sbin/in.proftpd
    wait        = no
}
  
  
telnet is as follows:
service telnetd
{
    disable     = no
    port        = 23
    socket_type = stream
    protocol    = tcp
    # wait takes yes or no; no starts a new server for each connection
    wait        = no
    user        = root
    server      = /usr/sbin/in.telnetd
}
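
Added example, not part of the original article: a small Python check that parses service blocks in the /etc/xinetd.d/ format shown above and reports mistakes before xinetd is restarted, such as a wait value other than yes or no or a missing required attribute. The sample text, the 192.168.1.0/24 range and the `only_from` heuristic are assumptions; `only_from` is xinetd's source-address restriction and may also be set in the defaults section of /etc/xinetd.conf, which this check does not read.

```python
import re

# Constructed sample in /etc/xinetd.d/ style; telnetd carries deliberate mistakes.
SAMPLE = """\
service proftpd
{
    socket_type = stream
    wait        = no
    user        = root
    server      = /usr/local/sbin/in.proftpd
    only_from   = 192.168.1.0/24
}
service telnetd
{
    disable     = no
    socket_type = stream
    wait        = tcp
    user        = root
}
"""

BLOCK = re.compile(r"^\s*service\s+(\S+)\s*\{(.*?)^\s*\}", re.S | re.M)
REQUIRED = ("socket_type", "wait", "user", "server")  # for non-internal services

def parse(text):
    """Return {service_name: {attribute: value}} for each service block."""
    services = {}
    for name, body in BLOCK.findall(text):
        pairs = (l.split("=", 1) for l in body.splitlines()
                 if "=" in l and not l.lstrip().startswith("#"))
        services[name] = {k.strip(): v.strip() for k, v in pairs}
    return services

def lint(text):
    """Return sorted (service, problem) findings; only service blocks are read."""
    findings = []
    for name, attrs in parse(text).items():
        if attrs.get("disable") == "yes":
            continue  # a disabled service is never started
        findings += [(name, f"missing {k}") for k in REQUIRED if k not in attrs]
        if attrs.get("wait", "no") not in ("yes", "no"):
            findings.append((name, "wait must be yes or no"))
        if attrs.get("user") == "root" and "only_from" not in attrs:
            findings.append((name, "root service without only_from"))
    return sorted(findings)

if __name__ == "__main__":
    for service, problem in lint(SAMPLE):
        print(f"{service}: {problem}")
```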
  
  
Then restart the service:
# /etc/rc.d/init.d/xinetd restart
or:
# killall -HUP xinetd
  
At this point, telnet localhost and ftp localhost should work without problems.
However, other machines on the LAN may still be unable to use the ftp and telnet services. There is one more place to configure: ipchains, which provides firewall and routing functions.
# vi /etc/sysconfig/ipchains
What do you find?
  
# Firewall configuration written by lokkit
# Manual customization of this file is not recommended.
# Note: ifup-post will punch the current nameservers through the
#       firewall; such entries will *not* be listed here.
:input ACCEPT
:forward ACCEPT
:output ACCEPT
-A input -s 0/0 -d 0/0 -i lo -j ACCEPT
-A input -p tcp -s 0/0 -d 0/0 -y -j REJECT //********
-A input -p tcp -s 0/0 -d 0/0 2049 -y -j REJECT
-A input -p udp -s 0/0 -d 0/0 -j REJECT //********
-A input -p udp -s 0/0 -d 0/0 2049 -j REJECT
-A input -p tcp -s 0/0 -d 0/0 6000:6009 -y -j REJECT
-A input -p tcp -s 0/0 -d 0/0 7100 -y -j REJECT
  
That's right: for security reasons, ipchains has closed the ports. Therefore, you must open them.

Change REJECT to ACCEPT in the rows marked with "//********", then restart the machine. Everything is OK. Note that this makes the two marked rules accept every incoming TCP connection request and UDP packet they match, not just ftp and telnet.
Other services, such as rlogin and talk, are configured in basically the same way. However, a more in-depth understanding will take some time. :)