inetd is a super-server daemon on many Unix systems that manages Internet services. A super-server, sometimes called a service dispatcher, is a type of daemon generally run on Unix-like systems. First appearing in 4.3BSD [1], it is generally located at /usr/sbin/inetd.
Often called a super-server, inetd listens on designated ports used by Internet services such as FTP, POP3, and telnet. When a TCP or UDP packet comes in with a particular port number, inetd launches the appropriate server program to handle the connection. For services that are not expected to run with high loads, this method uses memory more efficiently, as the specific servers run only when needed. Furthermore, no network code is required in the application-specific daemons, as inetd hooks the socket directly to stdin, stdout and stderr of the spawned process. For protocols that have frequent traffic, such as HTTP and POP3, a dedicated server that accepts the traffic directly may be preferable.
The file /etc/services is used to map port numbers and protocols to service names, and the file /etc/inetd.conf is used to map service names to server programs. For example, if a TCP request comes in on port 23, /etc/services shows:
telnet 23/tcp
The corresponding line in the /etc/inetd.conf file (in this case, taken from a machine running AIX version 5.1) is:
telnet stream tcp6 nowait root /usr/sbin/telnetd telnetd -a
This tells inetd to launch the program /usr/sbin/telnetd with the command line arguments telnetd -a. inetd automatically hooks the socket to stdin, stdout, and stderr of the server program.
Generally TCP sockets are handled by spawning a separate server to handle each connection concurrently. UDP sockets are generally handled by a single server instance that handles all packets on that port.
Some simple services, such as echo, are handled directly by inetd, without spawning an external server.
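The two files above together decide which services are reachable and which program, under which user, answers each one. The following is an added example, not part of this page or of any inetd implementation: a small audit script that parses constructed samples of /etc/services and /etc/inetd.conf (the field order is the one shown in the telnet entry above), resolves each enabled service to its port, and reports the entries that run as root, that have no /etc/services line (inetd looks ports up by name, so it cannot start those), and datagram services not marked wait. The service names finger and bogus, and the bogus port, are constructed for the sample.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed sample of /etc/services (service name -> port/protocol).
SERVICES_SAMPLE = """\
echo        7/tcp
echo        7/udp
ftp         21/tcp
telnet      23/tcp
pop3        110/tcp
errorLogger 9999/udp
bogus       9998/udp      # constructed, for the example only
"""

# Constructed sample of /etc/inetd.conf.  Field order:
#   service  socket-type  protocol  wait|nowait  user  server-path  argv...
# A leading '#' disables an entry, which is how most services are switched off.
INETD_CONF_SAMPLE = """\
#ftp        stream tcp  nowait root   /usr/sbin/ftpd         ftpd -l
telnet      stream tcp6 nowait root   /usr/sbin/telnetd      telnetd -a
echo        stream tcp  nowait root   internal
errorLogger dgram  udp  wait   root   /usr/local/bin/errlogd errlogd /tmp/logfile.txt
finger      stream tcp  nowait nobody /usr/sbin/fingerd      fingerd
bogus       dgram  udp  nowait root   /usr/sbin/bogusd       bogusd
"""


@dataclass
class InetdEntry:
    service: str
    socktype: str                 # stream or dgram (also raw, rdm, seqpacket)
    proto: str                    # tcp, udp, tcp6, udp6, ...
    wait: str                     # wait or nowait, possibly with a .max suffix
    user: str                     # user, user.group or user:group
    server: str                   # program path, or 'internal' for built-in services
    argv: List[str] = field(default_factory=list)
    port: Optional[int] = None    # resolved from /etc/services, None if unknown


def parse_services(text: str) -> Dict[Tuple[str, str], int]:
    """Map (service, protocol) -> port from /etc/services-style text."""
    ports = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0]
        m = re.match(r"\s*(\S+)\s+(\d+)/(\w+)", line)
        if m:
            ports[(m.group(1), m.group(3))] = int(m.group(2))
    return ports


def parse_inetd_conf(text: str) -> List[InetdEntry]:
    """Return only the enabled (uncommented) entries of an inetd.conf."""
    entries = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 6:       # blank, commented out, or too short to be an entry
            continue
        entries.append(InetdEntry(*fields[:6], argv=fields[6:]))
    return entries


def audit(services_text: str, conf_text: str) -> Dict[str, list]:
    """Cross-check the enabled entries and collect the findings a reviewer wants."""
    ports = parse_services(services_text)
    findings = {"enabled": [], "as_root": [], "unknown_service": [], "dgram_nowait": []}
    for e in parse_inetd_conf(conf_text):
        e.port = ports.get((e.service, e.proto.rstrip("46")))   # tcp6 -> tcp
        findings["enabled"].append(e)
        if re.split(r"[.:]", e.user)[0] == "root":
            findings["as_root"].append(e.service)
        if e.port is None:        # no /etc/services line, so inetd cannot resolve the port
            findings["unknown_service"].append(e.service)
        if e.socktype == "dgram" and e.wait.startswith("nowait"):
            findings["dgram_nowait"].append(e.service)   # datagram services are normally 'wait'
    return findings


def format_report(findings: Dict[str, list]) -> str:
    """Render the findings as plain text, one line per entry or finding."""
    out = ["enabled services:"]
    for e in findings["enabled"]:
        port = e.port if e.port is not None else "?"
        out.append(f"  {e.service}/{port} {e.proto} {e.socktype} {e.wait} "
                   f"user={e.user} server={e.server}")
    out.append("running as root: " + ", ".join(findings["as_root"]))
    out.append("not in /etc/services: " + ", ".join(findings["unknown_service"]))
    out.append("dgram without wait: " + ", ".join(findings["dgram_nowait"]))
    return "\n".join(out)


if __name__ == "__main__":
    print(format_report(audit(SERVICES_SAMPLE, INETD_CONF_SAMPLE)))
```

On a real host, pass the contents of /etc/services and /etc/inetd.conf to audit(); the commented-out ftp line in the sample is ignored exactly as inetd ignores it, so the report lists only what is actually reachable.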
This is a simple inetd service, written in C. It accepts an optional command line argument containing a filename for a log file, and then it logs all strings sent through the socket to the log file. This program is based on a logging service for a distributed processing program that may be accepting messages from multiple processes running on different machines. By using an inetd service for receiving the logging messages, all machines can send the messages to a common machine to be stored in a single log file.
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>

int main(int argc, char **argv)
{
    /* this is a buffer for the messages to be logged */
    char str[4096];
    /* pointer to the log file */
    FILE *fp = NULL;

    /* if inetd passes an argument, use that as the filename */
    if (argc == 2)
        fp = fopen(argv[1], "at");
    else
        /* else open a file in the /tmp directory */
        fp = fopen("/tmp/errorLog.txt", "at");

    /* fail if the logfile cannot be opened */
    if (fp == NULL)
        return -1;

    /* read up to the newline, up to 4095 characters; fgets null-terminates
       the string for us and returns NULL at end of file, which ends the loop
       (testing feof() before calling fgets() would log the last line twice) */
    while (fgets(str, sizeof str, stdin) != NULL) {
        /* write string to logfile and flush it */
        fprintf(fp, "%s", str);
        fflush(fp);
    }

    /* close logfile and exit */
    fclose(fp);
    return 0;
}
In this case, we want all messages logged to a single file, so we only want one instance of the service running to service all requests. This means UDP would be the correct protocol to use. First, an unused port number must be picked. In this sample, 9999 will be used, as it was free on the machine on which the code was developed. The /etc/services entry will look like this:
errorLogger 9999/udp
And the entry in /etc/inetd.conf will look like this:
errorLogger dgram udp wait root /usr/local/bin/errlogd errlogd /tmp/logfile.txt
This tells inetd to run the /usr/local/bin/errlogd program, passing in the argument list errlogd /tmp/logfile.txt (refer to the inetd.conf man page for information on the other fields). The first argument is always the executable name, and the second argument (argument 1 in the zero-based arrays used in C) contains the filename to be used for the log file, /tmp/logfile.txt. inetd will run the service when needed and attach port 9999 to the input and output streams, and all strings sent to that port will be logged to the file. Specifying wait tells inetd to use only one instance of the server to handle all requests, unlike the telnet example above, where a new server is spawned to handle each incoming request.
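The hand-off that lets the logger above get by with plain stdio, and the difference between the telnet entry (stream, nowait) and the errorLogger entry (dgram, wait), can be shown in a few dozen lines. The following Python is an added example written for this page, not inetd's source and not part of the logging program above: a miniature super-server that binds a loopback socket, forks a child, makes the socket the child's file descriptors 0, 1 and 2 and execs the service program. The nowait path accepts a connection and hands it to a child per connection; the wait path hands the child the bound datagram socket itself and blocks until the child exits. The two demo functions assume /bin/cat, /bin/sh and dd are present and use cat as a stand-in echo service and a one-datagram dd as a stand-in logger.

```python
import os
import select
import socket
import tempfile
import threading


def _spawn_on_socket(sock, program, argv):
    """Fork; in the child make `sock` fds 0, 1 and 2 and exec the service.

    This is the hand-off the text describes: the service program needs no
    network code because its standard streams are the socket.
    """
    pid = os.fork()
    if pid == 0:                        # child
        for fd in (0, 1, 2):
            os.dup2(sock.fileno(), fd)  # the dup'd fds stay open across exec
        try:
            os.execv(program, argv)     # only returns if the exec failed
        finally:
            os._exit(127)
    return pid                          # parent


def serve_stream_nowait(listener, program, argv):
    """'stream ... nowait': accept one connection, hand it to a child and return
    at once, so the next connection can be served concurrently."""
    conn, _peer = listener.accept()
    pid = _spawn_on_socket(conn, program, argv)
    conn.close()                        # the child owns the connection now
    return pid


def serve_dgram_wait(sock, program, argv):
    """'dgram ... wait': once a datagram is queued, give the child the bound
    socket itself (the child reads the datagram) and do not touch the socket
    again until the child exits.  Returns the child's exit status."""
    select.select([sock], [], [])       # block until a datagram is waiting
    pid = _spawn_on_socket(sock, program, argv)
    _, status = os.waitpid(pid, 0)      # this blocking wait is what 'wait' means
    return os.WEXITSTATUS(status)


def demo_tcp_echo(message=b"hello inetd\n"):
    """Run /bin/cat as a nowait stream service and echo one message through it."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))     # ephemeral port, loopback only
    listener.listen(1)
    port = listener.getsockname()[1]
    result = {}

    def client():
        with socket.create_connection(("127.0.0.1", port)) as c:
            c.sendall(message)
            c.shutdown(socket.SHUT_WR)  # EOF on cat's stdin makes cat exit
            chunks = []
            while (chunk := c.recv(4096)):
                chunks.append(chunk)
            result["echo"] = b"".join(chunks)

    t = threading.Thread(target=client)
    t.start()
    pid = serve_stream_nowait(listener, "/bin/cat", ["cat"])
    t.join()
    os.waitpid(pid, 0)
    listener.close()
    return result["echo"]


def demo_udp_logger(message=b"one log line\n"):
    """Run a one-datagram 'logger' as a wait dgram service; return its exit
    status and what it wrote.  dd reads one block from fd 0, and on a datagram
    socket a single read() returns exactly one datagram."""
    logfile = os.path.join(tempfile.mkdtemp(), "log.txt")
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(("127.0.0.1", 0))
    port = sock.getsockname()[1]
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as client:
        client.sendto(message, ("127.0.0.1", port))
    status = serve_dgram_wait(
        sock, "/bin/sh",
        ["sh", "-c", 'dd bs=4096 count=1 of="$1" 2>/dev/null', "sh", logfile])
    sock.close()
    with open(logfile, "rb") as f:
        return status, f.read()


if __name__ == "__main__":
    print(demo_tcp_echo())
    print(demo_udp_logger())
```

Note the asymmetry: for the stream service the parent closes its copy of the accepted connection and keeps listening, whereas for the datagram service the parent cannot read or select on the socket again until the child has consumed the datagram, which is why a single long-running instance, as in the errlogd entry, is the natural shape for a dgram wait service.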
Note: the functionality of the above example is usually implemented by using syslog and a process like syslogd. syslog is a standard for forwarding log messages in an IP network. syslogd would normally be started in parallel with inetd, not as an inetd service.
In recent years, because of the security limitations in the original design of inetd, it has been replaced by xinetd, rlinetd, ucspi-tcp, Upstart and others in many systems. Linux distributions especially have many options, and Mac OS X (beginning with Mac OS X v10.2) uses xinetd. As of Mac OS X v10.4, Apple has merged the functionality of inetd into launchd.
The services provided by inetd can be omitted entirely. This is becoming more common where machines are dedicated to a single function. For example, an HTTP server could be configured to just run httpd and have no other ports open. A dedicated firewall could have no services started.
While the inetd concept as a service dispatcher is not inherently insecure, the long list of services that inetd traditionally provided gave computer security experts pause. The possibility of a service having an exploitable flaw, or of the service simply being abused, had to be considered. Unnecessary services were disabled, and "off by default" became the mantra. It is not uncommon to find an /etc/inetd.conf with almost all the services commented out in a modern Unix distribution.