From owner-svn-doc-head@FreeBSD.ORG Fri Jan 31 15:30:55 2014 Return-Path: Delivered-To: svn-doc-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C65D1E33; Fri, 31 Jan 2014 15:30:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A8EEF1AF1; Fri, 31 Jan 2014 15:30:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id s0VFUtkI067804; Fri, 31 Jan 2014 15:30:55 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.7/8.14.7/Submit) id s0VFUtnZ067802; Fri, 31 Jan 2014 15:30:55 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201401311530.s0VFUtnZ067802@svn.freebsd.org> From: Dru Lavigne Date: Fri, 31 Jan 2014 15:30:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r43706 - in head/en_US.ISO8859-1/books/handbook: advanced-networking network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-head@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: SVN commit messages for the doc tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 31 Jan 2014 15:30:55 -0000 Author: dru Date: Fri Jan 31 15:30:54 2014 New Revision: 43706 URL: http://svnweb.freebsd.org/changeset/doc/43706 Log: First 1/2 of edits to this section. Shuffle content into a more logical order and clarify text. Rename a few sub-sections and remove reference to a section that was merged into another section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Jan 30 23:42:09 2014 (r43705) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Fri Jan 31 15:30:54 2014 (r43706) @@ -4232,7 +4232,7 @@ cd /usr/src/etc; make distribution Enable &man.inetd.8; by following the steps outlined - in . + in . Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Thu Jan 30 23:42:09 2014 (r43705) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Fri Jan 31 15:30:54 2014 (r43706) @@ -132,20 +132,20 @@ --> The <application>inetd</application> - <quote>Super-Server</quote> + Super-Server - Overview - The &man.inetd.8; daemon is sometimes referred to as the - Internet Super-Server because it manages - connections for many services. When a connection is received - by inetd, it determines which - program the connection is destined for, spawns the particular - process and delegates the socket to it (the program is invoked - with the service socket as its standard input, output and - error descriptors). Running inetd - for servers that are not heavily used can reduce the overall + The &man.inetd.8; daemon is sometimes referred to as a + Super-Server because it manages + connections for many services. Instead of starting multiple + applications, only the inetd service + needs to be started. When a connection is received + for a service that is managed by inetd, it determines which + program the connection is destined for, spawns a + process for that program, and delegates the program a socket. + Using inetd + for services that are not heavily used can reduce system load, when compared to running each daemon individually in stand-alone mode. @@ -155,133 +155,44 @@ auth, and daytime. - This section covers the basics in configuring - inetd through its command-line - options and its configuration file, - /etc/inetd.conf. - - - - Settings - - inetd is initialized through - the &man.rc.8; system. The inetd_enable - option is set to NO by default. It can be - enabled by placing: - - inetd_enable="YES" - - into /etc/rc.conf. - inetd will now start at boot time. - The command: - - &prompt.root; service inetd rcvar - - can be run to display the current effective - setting. - - Additionally, different command-line options can be passed - to inetd via the - inetd_flags option. - - - - Command-Line Options - - Like most server daemons, inetd - has a number of options that it can be passed in order to - modify its behaviour. Refer to &man.inetd.8; for - the full list of options. - - Options can be passed to inetd - using the inetd_flags option in - /etc/rc.conf. By default, - inetd_flags is set to - -wW -C 60, which turns on TCP wrapping for - inetd's services, and prevents any - single IP address from requesting any - service more than 60 times in any given minute. - - Although we mention rate-limiting options below, novice - users may be pleased to note that these parameters usually do - not need to be modified. These options may be useful if - an excessive amount of connections are being established. - A full list of options can be found in - &man.inetd.8;. - - - - -c maximum - - - Specify the default maximum number of simultaneous - invocations of each service; the default is unlimited. - May be overridden on a per-service basis with the - parameter. - - - - - -C rate - - - Specify the default maximum number of times a - service can be invoked from a single - IP address in one minute; the default - is unlimited. May be overridden on a per-service basis - with the - - parameter. - - - - - -R rate - - - Specify the maximum number of times a service can be - invoked in one minute; the default is 256. A rate of 0 - allows an unlimited number of invocations. - - - - - -s maximum - - - Specify the maximum number of times a service can be - invoked from a single IP address at - any one time; the default is unlimited. May be - overridden on a per-service basis with the - parameter. - - - + This section covers the basics of configuring + inetd. - - <filename>inetd.conf</filename> + Configuration File Configuration of inetd is - done by editing /etc/inetd.conf. + done by editing /etc/inetd.conf. Each line of this configuration file represents an application + which can be started by inetd. By + default, every line starts with a comment + (#), meaning that inetd + is not listening for any applications. To configure + inetd to listen for an application's + connections, remove the # at the beginning of + the line for that application. - When a modification is made to - /etc/inetd.conf, - inetd can be forced to re-read its - configuration file by running the command: + After saving your edits, configure inetd + to start at system boot by editing /etc/rc.conf: - - Reloading the <application>inetd</application> - Configuration File + inetd_enable="YES" - &prompt.root; service inetd reload - + To start + inetd now, so that it listens for + the service you configured, type: + + &prompt.root; service inetd start + + Typically, the default entry for an application does not + need to be edited beyond removing the #. + In some situations, it may be appropriate to edit the default + entry. + + As an example, this is the default entry for &man.ftpd.8; using IPv4: + + ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l - Each line of the configuration file specifies an - individual daemon. Comments in the file are preceded by a - #. The format of each entry in - /etc/inetd.conf is as follows: + The seven columns in an entry are as follows: service-name socket-type @@ -291,10 +202,7 @@ user[:group][/login-class] server-program server-program-arguments - An example entry for the &man.ftpd.8; daemon using IPv4 - might read: - - ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l + where: @@ -489,6 +397,95 @@ server-program-arguments + + When a modification is made to + /etc/inetd.conf, + inetd can be forced to re-read its + configuration file by running the command: + + + Reloading the <application>inetd</application> + Configuration File + + &prompt.root; service inetd reload + + + + + Command-Line Options + + Additionally, different command-line options can be passed + to inetd via the + inetd_flags option. + Like most server daemons, inetd + has a number of options that it can be passed in order to + modify its behaviour. Refer to &man.inetd.8; for + the full list of options. + + Options can be passed to inetd + using the inetd_flags option in + /etc/rc.conf. By default, + inetd_flags is set to + -wW -C 60, which turns on TCP wrapping for + inetd's services, and prevents any + single IP address from requesting any + service more than 60 times in any given minute. + + Although we mention rate-limiting options below, novice + users may be pleased to note that these parameters usually do + not need to be modified. These options may be useful if + an excessive amount of connections are being established. + A full list of options can be found in + &man.inetd.8;. + + + + -c maximum + + + Specify the default maximum number of simultaneous + invocations of each service; the default is unlimited. + May be overridden on a per-service basis with the + parameter. + + + + + -C rate + + + Specify the default maximum number of times a + service can be invoked from a single + IP address in one minute; the default + is unlimited. May be overridden on a per-service basis + with the + + parameter. + + + + + -R rate + + + Specify the maximum number of times a service can be + invoked in one minute; the default is 256. A rate of 0 + allows an unlimited number of invocations. + + + + + -s maximum + + + Specify the maximum number of times a service can be + invoked from a single IP address at + any one time; the default is unlimited. May be + overridden on a per-service basis with the + parameter. + + +