From owner-freebsd-isp  Sat Aug  8 07:25:04 1998
Return-Path: <owner-freebsd-isp@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id HAA17677
          for freebsd-isp-outgoing; Sat, 8 Aug 1998 07:25:04 -0700 (PDT)
          (envelope-from owner-freebsd-isp@FreeBSD.ORG)
Received: from ns0.iticom.net ([207.49.135.249])
          by hub.freebsd.org (8.8.8/8.8.8) with SMTP id HAA17670
          for <freebsd-isp@FreeBSD.ORG>; Sat, 8 Aug 1998 07:25:01 -0700 (PDT)
          (envelope-from trouble@webfyre.com)
Received: from webfyre.com by ns0.iticom.net ; Sat, 08 Aug 1998 14:24:47 +000
Message-ID: <35CC6DA7.77E69973@webfyre.com>
Date: Sat, 08 Aug 1998 10:24:23 -0500
From: "Security Mgr." <trouble@webfyre.com>
Reply-To: trouble@webfyre.com
X-Mailer: Mozilla 4.05 [en] (X11; I; FreeBSD 2.2CAM-19980716-SNAP i386)
MIME-Version: 1.0
To: Scot Elliott <scot@planet-three.com>
CC: John Prince <johnp@lodgenet.com>, freebsd-isp@FreeBSD.ORG,
        johnp@vwebpage.com
Subject: Re: Virtual Server
References: <Pine.BSF.4.00.9808081222510.1480-100000@tweetie.online.barbour-index.co.uk>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Scot Elliott wrote:

> I've been thinking about this recently too.  My conclustion is that
> something like xinetd (see ports) which allows addresses to be bound to is
> the way to go.  Run multiple xinetd processes, one for each domain - each
> one chrooted to the domain root.  Make sure each service in each file only
> binds to the correct address.  Then, telnet/ftp etc connections will also
> be restricted to that root.
>
> Comments anyone?
>
> Scot.
>
> On Fri, 7 Aug 1998, John Prince wrote:
>
> > Hello to all..
> > I know this topic has come up before, however I am still unclear..
> >
> > What would be the best method of implementing a virtual server,
> > allowing multiple domains to have there own ``chrooted'' area, as
> > well as admin to this area.
> >
> > Any help/suggestions are greatly appreciated.
> > Thanks,
> > --John Prince

Ummmm WRONG........ although this setup would work, I have accomplished this
with a simple modification to httpd, ftp, sendmail and pop. My server runs
everything that pertains to a customer in a chrooted environment, this is done
easily not by multiple xinetd.... ACK i have 1000 ips on a single box can you
imaging 1000 xinetd sessions running, i think not.... !!! I can use deamons for
everything but httpd, which runs out of xinetd using hosts.allow, or run all
services from one xinetd. This does work quite nicely under linux and FreeBSD
freebsd seems to be more stable though, bit more robust networking wise. If you
want further information email me


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message