Analysis of the inetd.conf file

Source: Internet
Author: User
Tags wrappers
1. Preface

The inetd.conf file is one of the important files in Linux. It stores the database of Internet services that inetd provides. Through this file you can control these services, for example by enabling or disabling a service so that the system runs more securely. I hope this article explains the file as fully as possible.

2. Fields

Each valid entry in the inetd.conf file must contain the following fields:

* Service name
* Socket type
* Protocol type
* wait/nowait[.max]
* User name[.group]
* Service program
* Service program parameters

If you want to define a Sun-RPC service, the entry must contain the following fields instead:

* Service name/version
* Socket type
* rpc/protocol type
* wait/nowait[.max]
* User name[.group]
* Service program
* Service program parameters

The service name is a valid service name (such as telnet or echo) defined in the /etc/services file. If the entry defines a Sun-RPC service, the name must be defined in the /etc/rpc file.

The socket type field takes one of the following values:

* stream - stream
* dgram - datagram
* raw - raw
* rdm - reliably delivered message
* seqpacket - sequenced packet

The value of this field depends on the socket type used.

The protocol type field must be a protocol that is defined in the /etc/protocols file. The most common are tcp and udp. A Sun-RPC service must add "rpc/" in front of the protocol (such as rpc/tcp or rpc/udp).

The wait/nowait field applies only to datagram sockets; all other socket types use nowait. If the service is multi-threaded, meaning that it releases the socket after connecting to its peer so that the inetd process can receive further messages on that socket, use "nowait". If the service is single-threaded, meaning that it processes all incoming datagrams on the same socket until it times out, use "wait". The max parameter, separated from wait/nowait by a dot, defines the maximum number of instances that the inetd process may start within one minute.

The user field defines the user the service runs as. The group parameter, separated from the user name by a dot, defines a group ID for the service other than the one in the /etc/passwd file.

The service program is the full path of the program that is executed when a request arrives on the socket. If the service is built into the inetd process, this field should be "internal".

The service program parameters are the arguments required to run the program. Likewise, if the service is built in, this field is also "internal".

3. Examples

Now let's look at different services for better understanding.

    telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd

* Service name: telnet
* Socket type: stream
* Protocol type: tcp
* wait/nowait[.max]: nowait
* User name[.group]: root
* Service program: /usr/sbin/tcpd
* Parameters: in.telnetd

    echo dgram udp wait root internal

* Service name: echo
* Socket type: dgram
* Protocol type: udp
* wait/nowait[.max]: wait
* User name[.group]: root
* Service program: internal

    rstatd/1-3 dgram rpc/udp wait root /usr/sbin/tcpd rpc.rstatd

* Service name: rstatd/1-3
* Socket type: dgram
* Protocol type: rpc/udp
* wait/nowait[.max]: wait
* User name[.group]: root
* Service program: /usr/sbin/tcpd
* Parameters: rpc.rstatd

4. Enabling and disabling services

It is very easy to enable and disable a service: you only need to add a # in front of the service you want to disable. For example, to disable the telnet service on port 23, make its entry look like this:

    #telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd

The telnet service is now closed. If I want to allow a friend to access my computer via telnet, I just need to remove the #, like this:

    telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd

The telnet service is now enabled again; it is that simple. Restart the inetd process to make the change take effect by running the following command:

    James:~# killall -HUP inetd

5. Daemon parameters

In the service program parameters field you will see some options, such as:

    smtp stream tcp nowait root /usr/sbin/sendmail -bs

The "-bs" at the end of the line indicates that the b and s options are used, which has the same effect as the following command:

    hoodlum:~# sendmail -bs

Therefore, if you want to pass certain options to a daemon, you only need to add them to the service program parameters field. You can use man to look up the specific options.

6. TCP Wrappers

TCP Wrappers is an application that protects network services. It usually appears in the sixth column, the service program field:

    telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd

TCP Wrappers uses two files, /etc/hosts.allow and /etc/hosts.deny, to restrict the use of a service. The hosts.allow file contains a list of hosts that are allowed to access the service. The hosts.deny file contains the hosts that are not allowed to access the service.
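
An added example, not part of the original article: a small Python parser that splits inetd.conf entries into the fields listed in section 2 and reports enabled services that are not started through tcpd or that break the wait/nowait rule. The function names parse_entry and audit are hypothetical, and the sample input is constructed (the ftp line and the nowait.60 / root.mail variants are made up to exercise the optional parts).

```python
# Added example: parse inetd.conf lines into the fields described in section 2.
SAMPLE = """\
# Constructed sample: three entries from the article plus two made-up ones.
telnet      stream  tcp      nowait     root       /usr/sbin/tcpd      in.telnetd
#ftp        stream  tcp      nowait     root       /usr/sbin/tcpd      in.ftpd
echo        dgram   udp      wait       root       internal
rstatd/1-3  dgram   rpc/udp  wait       root       /usr/sbin/tcpd      rpc.rstatd
smtp        stream  tcp      nowait.60  root.mail  /usr/sbin/sendmail  sendmail -bs
"""

def parse_entry(line):
    """Return one entry as a dict, or None for a blank or '#'-disabled line."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    f = line.split()
    if len(f) < 6:
        raise ValueError(f"expected at least 6 fields: {line!r}")
    name, _, version = f[0].partition("/")   # Sun-RPC: name/version
    wait, _, limit = f[3].partition(".")     # wait/nowait[.max]
    user, _, group = f[4].partition(".")     # user[.group]
    if wait not in ("wait", "nowait"):
        raise ValueError(f"bad wait/nowait field: {f[3]!r}")
    return {
        "service": name, "rpc_version": version or None,
        "socket": f[1], "protocol": f[2],
        "wait": wait == "wait", "max": int(limit) if limit else None,
        "user": user, "group": group or None,
        "program": f[5], "args": f[6:],
    }

def audit(text):
    """Return (service, finding) pairs for enabled, non-internal entries."""
    findings = []
    for line in text.splitlines():
        e = parse_entry(line)
        if e is None or e["program"] == "internal":
            continue
        # Section 6: tcpd in the service program field means TCP Wrappers
        # checks hosts.allow / hosts.deny before the real daemon starts.
        if e["program"].rsplit("/", 1)[-1] != "tcpd":
            findings.append((e["service"], "not started through tcpd"))
        # Section 2: only datagram sockets may use "wait".
        if e["wait"] and e["socket"] != "dgram":
            findings.append((e["service"], "wait on a non-datagram socket"))
    return findings

if __name__ == "__main__":
    for service, finding in audit(SAMPLE):
        print(f"{service}: {finding}")
```

To check a real system, pass the contents of /etc/inetd.conf to audit() instead of SAMPLE.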