.\" Copyright (c) 1985, 1991, 1993, 1994
.\"	The Regents of the University of California.  All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\"    must display the following acknowledgement:
.\"	This product includes software developed by the University of
.\"	California, Berkeley and its contributors.
.\" 4. Neither the name of the University nor the names of its contributors
.\"    may be used to endorse or promote products derived from this software
.\"    without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\"	from: @(#)inetd.8	8.3 (Berkeley) 4/13/94
.\" $FreeBSD$
.\"
.Dd February 7, 1996
.Dt INETD 8
.Os BSD 4.4
.Sh NAME
.Nm inetd
.Nd internet
.Dq super-server
.Sh SYNOPSIS
.Nm inetd
.Op Fl d
.Op Fl l
.Op Fl w
.Op Fl W
.Op Fl c Ar maximum
.Op Fl C Ar rate
.Op Fl a Ar address|hostname
.Op Fl p Ar filename
.Op Fl R Ar rate
.Op Ar configuration file
.Sh DESCRIPTION
The
.Nm
program
should be run at boot time by
.Pa /etc/rc
(see
.Xr rc 8 ) .
It then listens for connections on certain
internet sockets.  When a connection is found on one
of its sockets, it decides what service the socket
corresponds to, and invokes a program to service the request.
The server program is invoked with the service socket
as its standard input, output and error descriptors.
After the program is
finished,
.Nm
continues to listen on the socket (except in some cases which
will be described below).  Essentially,
.Nm
allows running one daemon to invoke several others,
reducing load on the system.
.Pp
The following options are available:
.Bl -tag -width indent
.It Fl d
Turn on debugging.
.It Fl l
Turn on logging of successful connections.
.It Fl w
Turn on TCP Wrapping for external services.
See the
.Sx "IMPLEMENTATION NOTES"
section for more information on TCP Wrappers support.
.It Fl W
Turn on TCP Wrapping for internal services which are built in to
.Nm inetd .
.It Fl c Ar maximum
Specify the default maximum number of services that can be invoked.
May be overridden on a per-service basis with the "max-child"
parameter.
.It Fl C Ar rate
Specify the default maximum number of times a service can be invoked
from a single IP address in one minute; the default is unlimited.
May be overridden on a per-service basis with the
"max-connections-per-ip-per-minute" parameter.
.It Fl R Ar rate
Specify the maximum number of times a service can be invoked
in one minute; the default is 256.
.It Fl a
Specify a specific IP address to bind to.
Alternatively, a hostname can be specified,
in which case the IPv4 or IPv6 address
which corresponds to that hostname is used.
Usually a hostname is specified when
.Nm
is run inside a
.Xr jail 8 ,
in which case the hostname corresponds to the
.Xr jail 8
environment.
.Pp
When hostname specification is used
and both IPv4 and IPv6 bindings are desired,
one entry with the appropriate
.Em protocol
type for each binding
is required for each service in
.Pa /etc/inetd.conf .
For example,
a TCP-based service would need two entries,
one using
.Dq tcp4
for the
.Em protocol
and the other using
.Dq tcp6 .
See the explanation of the
.Pa /etc/inetd.conf
.Em protocol
field below.
.It Fl p
Specify an alternate file in which to store the process ID.
.El
.Pp
Upon execution,
.Nm
reads its configuration information from a configuration
file which, by default, is
.Pa /etc/inetd.conf .
There must be an entry for each field of the configuration
file, with entries for each field separated by a tab or
a space.  Comments are denoted by a
.Dq #
at the beginning
of a line.
The
fields of the configuration file are as follows:
.Pp
.Bd -unfilled -offset indent -compact
service name
socket type
protocol
{wait|nowait}[/max-child[/max-connections-per-ip-per-minute]]
user[:group][/login-class]
server program
server program arguments
.Ed
.Pp
To specify an
.No Tn "ONC RPC" Ns -based
service, the entry would contain these fields:
.Pp
.Bd -unfilled -offset indent -compact
service name/version
socket type
rpc/protocol
user[:group][/login-class]
server program
server program arguments
.Ed
.Pp
There are two types of services that
.Nm
can start: standard and TCPMUX.
A standard service has a well-known port assigned to it;
it may be a service that implements an official Internet standard or is a
BSD-specific service.
As described in
.Tn RFC 1078 ,
TCPMUX services are nonstandard services that do not have a
well-known port assigned to them.
They are invoked from
.Nm
when a program connects to the
.Dq tcpmux
well-known port and specifies
the service name.
This feature is useful for adding locally-developed servers.
TCPMUX requests are only accepted when the multiplexor service itself
is enabled, above and beyond any specific TCPMUX-based servers; see the
discussion of internal services below.
.Pp
The
.Em service-name
entry is the name of a valid service in
the file
.Pa /etc/services .
For
.Dq internal
services (discussed below), the service
name
should
be the official name of the service (that is, the first entry in
.Pa /etc/services ) .
When used to specify an
.No Tn "ONC RPC" Ns -based
service, this field is a valid RPC service name in
the file
.Pa /etc/rpc .
The part on the right of the
.Dq /
is the RPC version number.
This
can simply be a single numeric argument or a range of versions.
A range is bounded by the low version to the high version -
.Dq rusers/1-3 .
For TCPMUX services, the value of the
.Em service-name
field consists of the string
.Dq tcpmux
followed by a slash and the
locally-chosen service name.
The service names listed in
.Pa /etc/services
and the name
.Dq help
are reserved.
Try to choose unique names for your TCPMUX services by prefixing them with
your organization's name and suffixing them with a version number.
.Pp
The
.Em socket-type
should be one of
.Dq stream ,
.Dq dgram ,
.Dq raw ,
.Dq rdm ,
or
.Dq seqpacket ,
depending on whether the socket is a stream, datagram, raw,
reliably delivered message, or sequenced packet socket.
TCPMUX services must use
.Dq stream .
.Pp
The
.Em protocol
must be a valid protocol as given in
.Pa /etc/protocols .
Examples might be
.Dq tcp
or
.Dq udp ,
both of which imply IPv4 for backward compatibility.
The names
.Dq tcp4
and
.Dq udp4
specify IPv4 only.
The names
.Dq tcp6
and
.Dq udp6
specify IPv6 only.
The names
.Dq tcp46
and
.Dq udp46
specify that the entry accepts both IPv4 and IPv6 connections
via a wildcard
.Dv AF_INET6
socket.
If it is desired that the service is reachable via T/TCP, one should
specify
.Dq tcp/ttcp ,
which implies IPv4 for backward compatibility.
The name
.Dq tcp4/ttcp
specifies IPv4 only, while
.Dq tcp6/ttcp
specifies IPv6 only.
The name
.Dq tcp46/ttcp
specifies that the entry accepts both IPv4 and IPv6 connections
via a wildcard
.Dv AF_INET6
socket.
RPC-based services
(for which only IPv4 is supported at this time)
are specified with the
.Dq rpc/tcp
or
.Dq rpc/udp
service type.
TCPMUX services must use
.Dq tcp ,
.Dq tcp4 ,
.Dq tcp6
or
.Dq tcp46 .
.Pp
The
.Em wait/nowait
entry specifies whether the server that is invoked by
.Nm
will take over
the socket associated with the service access point, and thus whether
.Nm
should wait for the server to exit before listening for new service
requests.
Datagram servers must use
.Dq wait ,
as they are always invoked with the original datagram socket bound
to the specified service address.
These servers must read at least one datagram from the socket
before exiting.
If a datagram server connects
to its peer, freeing the socket so
.Nm
can receive further messages on the socket, it is said to be
a
.Dq multi-threaded
server;
it should read one datagram from the socket and create a new socket
connected to the peer.
It should fork, and the parent should then exit
to allow
.Nm
to check for new service requests to spawn new servers.
Datagram servers which process all incoming datagrams
on a socket and eventually time out are said to be
.Dq single-threaded .
.Xr Comsat 8 ,
.Pq Xr biff 1
and
.Xr talkd 8
are both examples of the latter type of
datagram server.
.Xr Tftpd 8
is an example of a multi-threaded datagram server.
.Pp
Servers using stream sockets generally are multi-threaded and
use the
.Dq nowait
entry.
Connection requests for these services are accepted by
.Nm Ns ,
and the server is given only the newly-accepted socket connected
to a client of the service.
Most stream-based services operate in this manner.
Stream-based servers that use
.Dq wait
are started with the listening service socket, and must accept
at least one connection request before exiting.
Such a server would normally accept and process incoming connection
requests until a timeout.
TCPMUX services must use
.Dq nowait .
.Pp
The maximum number of outstanding child processes (or
.Dq threads )
for a
.Dq nowait
service may be explicitly specified by appending a
.Dq /
followed by the number to the
.Dq nowait
keyword.
Normally
(or if a value of zero is specified) there is no maximum.
Otherwise,
once the maximum is reached, further connection attempts will be
queued up until an existing child process exits.
This also works
in the case of
.Dq wait
mode, although a value other than one (the
default) might not make sense in some cases.
You can also specify the maximum number of connections per minute
for a given IP address by appending
a
.Dq /
followed by the number to the maximum number of
outstanding child processes.
Once the maximum is reached, further
connections from this IP address will be dropped until the end of the
minute.
.Pp
The
.Em user
entry should contain the user name of the user as whom the server
should run.  This allows for servers to be given less permission
than root.
The optional
.Em group
part, separated by
.Dq \&: ,
specifies a group name other than the default group for this user.
The optional
.Em login-class
part, separated by
.Dq / ,
specifies a login class other than the default
.Dq daemon
login class.
.Pp
The
.Em server-program
entry should contain the pathname of the program which is to be
executed by
.Nm
when a request is found on its socket.  If
.Nm
provides this service internally, this entry should
be
.Dq internal .
.Pp
The
.Em server program arguments
should be just as arguments
normally are, starting with argv[0], which is the name of
the program.  If the service is provided internally, the
.Em service-name
of the service (and any arguments to it) or the word
.Dq internal
should take the place of this entry.
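.Pp
As an added example, not inetd's own parser, the following Python reads entries in the field layout described above: the wait/nowait suffixes for max-child and max-connections-per-ip-per-minute, the user[:group][/login-class] field, tcpmux/ and RPC version-range service names, and the "#@" IPsec policy comments described in the IPsec section. SAMPLE is constructed for the example from the entries in EXAMPLES, with limits and a group added.

```python
# Added example, not inetd's own code: parse inetd.conf entries using the
# field layout described in inetd(8); SAMPLE is constructed for this example.
from dataclasses import dataclass
from typing import List, Optional, Tuple
TCPMUX_PROTOS = ("tcp", "tcp4", "tcp6", "tcp46")
SAMPLE = """\
tcpmux/+date\tstream\ttcp\tnowait/10/5\tguest:wheel/tcpmux\t/bin/date\tdate
rstatd/1-3 dgram rpc/udp wait root /usr/libexec/rpc.rstatd rpc.rstatd
#@ ipsec ah/require
chargen stream tcp nowait root internal
"""

@dataclass
class Entry:
    service: str                # name without the tcpmux/ or /version part
    socket_type: str
    protocol: str
    wait: bool
    max_child: int              # 0 = no maximum (the default)
    max_per_ip_per_min: int     # 0 = unlimited
    user: str
    group: Optional[str]
    login_class: str            # "daemon" unless /login-class is given
    program: str                # "internal" for built-in services
    args: List[str]
    rpc_versions: Optional[Tuple[int, ...]] = None   # (low, high)
    tcpmux: bool = False
    tcpmux_auto_reply: bool = False   # "+" prefix: inetd sends the "+" itself
    ipsec_policy: str = ""            # "#@" policy in force for this entry

def _parse_wait(tok):
    mode, *limits = tok.split("/")     # wait|nowait[/max-child[/per-ip-rate]]
    if mode not in ("wait", "nowait"):
        raise ValueError("bad wait/nowait field: " + tok)
    limits = [int(x) if x else 0 for x in limits] + [0, 0]
    return mode == "wait", limits[0], limits[1]

def parse_inetd_conf(text):
    entries, policy = [], ""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line.startswith("#@"):          # IPsec policy specifier; an
            policy = line[2:].strip()      # empty "#@" resets the policy
        if not line or line.startswith("#"):
            continue
        f = line.split()                   # tab- or space-separated fields
        if len(f) < 6:
            raise ValueError("line %d: fewer than 6 fields" % lineno)
        name, stype, proto, waitfld, userfld, prog = f[:6]
        if stype not in ("stream", "dgram", "raw", "rdm", "seqpacket"):
            raise ValueError("line %d: bad socket type %r" % (lineno, stype))
        wait, child, per_ip = _parse_wait(waitfld)
        user, _, klass = userfld.partition("/")
        user, _, group = user.partition(":")
        e = Entry(name, stype, proto, wait, child, per_ip, user, group or None,
                  klass or "daemon", prog, f[6:], ipsec_policy=policy)
        if proto.startswith("rpc/"):       # "rstatd/1-3" -> versions (1, 3)
            e.service, _, ver = name.partition("/")
            e.rpc_versions = tuple(int(v) for v in ver.split("-"))
        elif name.startswith("tcpmux/"):
            e.tcpmux, e.service = True, name[len("tcpmux/"):]
            if e.service.startswith("+"):
                e.tcpmux_auto_reply, e.service = True, e.service[1:]
            if stype != "stream" or wait or proto not in TCPMUX_PROTOS:
                raise ValueError("line %d: TCPMUX needs stream/tcp*/nowait" % lineno)
        if stype == "dgram" and not wait:
            raise ValueError("line %d: datagram servers must use wait" % lineno)
        entries.append(e)
    return entries
```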
.Pp
Currently, the only internal service to take arguments is
.Dq auth .
Without options, the service will always return
.Dq ERROR\ : HIDDEN-USER .
The available arguments to this service that alter its behavior are:
.Bl -tag -width indent
.It Fl d Ar fallback
Provide a
.Ar fallback
username.
If the real
.Dq auth
service is enabled
(with the
.Fl r
option discussed below),
return this username instead of an error
when lookups fail
for either socket credentials or the username.
If the real
.Dq auth
service is disabled,
return this username for every request.
This is primarily useful when running this service on a NAT machine.
.It Fl t Ar sec[.usec]
Specify a timeout for the service.
The default timeout is 10.0 seconds.
.It Fl r
Offer a real
.Dq auth
service, as per RFC 1413.
All the remaining flags apply only in this case.
.It Fl f
If the file
.Pa .fakeid
exists in the home directory of the identified user, report the username
found in that file instead of the real username.
.It Fl g
Instead of returning the user's name to the ident requester, report a
username made up of random alphanumeric characters, e.g.
.Dq c0c993 .
The
.Fl g
flag overrides not only the user names, but also any
.Pa .fakeid
or
.Pa .noident
files.
.It Fl n
If the file
.Pa .noident
exists in the home directory of the identified user, return
.Dq ERROR\ : HIDDEN-USER .
instead.
.It Fl o Ar osname
Use
.Ar osname
instead of the name of the system as reported by
.Xr uname 3 .
.El
.Pp
The
.Nm
program
also provides several other
.Dq trivial
services internally by use of
routines within itself.
These services are
.Dq echo ,
.Dq discard ,
.Dq chargen
(character generator),
.Dq daytime
(human readable time), and
.Dq time
(machine readable time, in the form of the number of seconds since
midnight, January 1, 1900).  All of these services are available in
both TCP and UDP versions; the UDP versions will refuse service if the
request specifies a reply port corresponding to any internal service.
(This is done as a defense against looping attacks; the remote IP address
is logged.)
For details of these services, consult the
appropriate
.Tn RFC
document.
.Pp
The TCPMUX-demultiplexing service is also implemented as an internal service.
For any TCPMUX-based service to function, the following line must be included
in
.Pa inetd.conf :
.Bd -literal -offset indent
tcpmux	stream	tcp	nowait	root	internal
.Ed
.Pp
When given the
.Fl l
option
.Nm
will log an entry to syslog each time a connection is accepted, noting the
service selected and the IP-number of the remote requestor if available.
Unless otherwise specified in the configuration file,
and in the absence of the
.Fl W
and
.Fl w
options,
.Nm
will log to the
.Dq daemon
facility.
.Pp
The
.Nm
program
rereads its configuration file when it receives a hangup signal,
.Dv SIGHUP .
Services may be added, deleted or modified when the configuration file
is reread.
Except when started in debugging mode,
.Nm
records its process ID in the file
.Pa /var/run/inetd.pid
to assist in reconfiguration.
.Sh IMPLEMENTATION NOTES
When given the
.Fl w
option,
.Nm
will wrap all services specified as
.Dq stream nowait
or
.Dq dgram
except for
.Dq internal
services.
If the
.Fl W
option is given, such
.Dq internal
services will be wrapped.
If both options are given, wrapping for both
internal and external services will be enabled.
Either wrapping option
will cause failed connections to be logged to the
.Dq auth
syslog facility.
Adding the
.Fl l
flag to the wrapping options will include successful connections in the
logging to the
.Dq auth
facility.
.Pp
Note that
.Nm
only wraps requests for a
.Dq wait
service while no servers are available to service requests.
Once a
connection to such a service has been allowed, inetd has no control
over subsequent connections to the service until no more servers
are left listening for connection requests.
.Pp
When wrapping is enabled, the
.Pa tcpd
daemon is not required, as that functionality is built in.
For more information on TCP Wrappers, see the relevant documentation (
.Xr hosts_access 5
).
When reading that document, keep in mind that
.Dq internal
services have no associated daemon name.
Therefore, the service name
as specified in
.Pa inetd.conf
should be used as the daemon name for
.Dq internal
services.
.Ss TCPMUX
.Tn RFC 1078
describes the TCPMUX protocol:
``A TCP client connects to a foreign host on TCP port 1.  It sends the
service name followed by a carriage-return line-feed <CRLF>.  The
service name is never case sensitive.  The server replies with a
single character indicating positive (+) or negative (\-)
acknowledgment, immediately followed by an optional message of
explanation, terminated with a <CRLF>.  If the reply was positive,
the selected protocol begins; otherwise the connection is closed.''
The program is passed the TCP connection as file descriptors 0 and 1.
.Pp
If the TCPMUX service name begins with a
.Dq + ,
.Nm
returns the positive reply for the program.
This allows you to invoke programs that use stdin/stdout
without putting any special server code in them.
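.Pp
As an added example, not inetd's own code, the following Python models the server side of the exchange just quoted over in-memory bytes: case-insensitive name matching, the difference between a "+" entry (inetd answers) and a plain entry (the program answers), and the reserved "help" name described next. The service table and reply messages are constructed for the example.

```python
# Added example, not inetd's own code: the server side of the TCPMUX
# exchange that RFC 1078 and inetd(8) describe, over in-memory bytes.
CRLF = b"\r\n"

# Constructed service table modelled on the "tcpmux/+date" and
# "tcpmux/phonebook" entries: name -> (program, inetd sends the "+" itself).
TCPMUX_SERVICES = {
    "date": ("/bin/date", True),
    "phonebook": ("/usr/local/bin/phonebook", False),
}

def read_service_name(data):
    """Split off the <CRLF>-terminated service name; None until it is complete."""
    idx = data.find(CRLF)
    if idx < 0:
        return None
    return data[:idx].decode("ascii", "replace"), data[idx + len(CRLF):]

def tcpmux_dispatch(request, services=TCPMUX_SERVICES):
    """Return (reply_from_inetd, program) for the first line of a connection.

    program is None when inetd handles or refuses the request itself; the
    reply is what the client sees before the program takes over fds 0 and 1.
    """
    parsed = read_service_name(request)
    if parsed is None:                 # no complete line yet: keep reading
        return None, None
    name = parsed[0].lower()           # the name is never case sensitive
    table = {k.lower(): v for k, v in services.items()}
    if name == "help":                 # reserved name: list the services
        return CRLF.join(s.encode() for s in sorted(table)) + CRLF, None
    if name not in table:
        return b"-Service not available" + CRLF, None   # message is illustrative
    program, auto_reply = table[name]
    # A "+" entry makes inetd send the positive acknowledgment before the
    # program runs; otherwise the program must write "+" or "-" itself.
    return (b"+Go" + CRLF if auto_reply else b""), program
```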
.Pp
The special service name
.Dq help
causes
.Nm
to list TCPMUX services in
.Pa inetd.conf .
.Ss IPsec
The implementation includes a tiny hack
to support IPsec policy settings for each socket.
A special form of comment line, starting with
.Dq Li #@ ,
is interpreted as a policy specifier.
Everything after the
.Dq Li #@
will be used as an IPsec policy string,
as described in
.Xr ipsec_set_policy 3 .
Each
policy specifier is applied to all the following lines in
.Pa inetd.conf
until the next policy specifier.
An empty policy specifier resets the IPsec policy.
.Pp
If an invalid IPsec policy specifier appears in
.Pa inetd.conf ,
.Nm
will provide an error message via the
.Xr syslog 3
interface and abort execution.
.Sh "FILES"
.Bl -tag -width /var/run/inetd.pid -compact
.It Pa /etc/inetd.conf
configuration file
.It Pa /etc/rpc
translation of service names to RPC program numbers
.It Pa /etc/services
translation of service names to port numbers
.It Pa /var/run/inetd.pid
the pid of the currently running
.Nm
.El
.Sh "EXAMPLES"
.Pp
Here are several example service entries for the various types of services:
.Bd -literal
ftp	stream	tcp	nowait	root	/usr/libexec/ftpd	ftpd -l
ntalk	dgram	udp	wait	root	/usr/libexec/ntalkd	ntalkd
telnet	stream	tcp6	nowait	root	/usr/libexec/telnetd	telnetd
shell	stream	tcp46	nowait	root	/usr/libexec/rshd	rshd
tcpmux/+date	stream	tcp	nowait	guest	/bin/date	date
tcpmux/phonebook	stream	tcp	nowait	guest	/usr/local/bin/phonebook	phonebook
rstatd/1-3	dgram	rpc/udp	wait	root	/usr/libexec/rpc.rstatd	rpc.rstatd
#@ ipsec ah/require
chargen	stream	tcp	nowait	root	internal
#@
.Ed
.Sh "ERROR MESSAGES"
The
.Nm
server
logs error messages using
.Xr syslog 3 .
Important error messages and their explanations are:
.Pp
.Bl -ohang -compact
.It Xo
.Ar service Ns / Ns Ar protocol
.No " server failing (looping), service terminated."
.Xc
The number of requests for the specified service in the past minute
exceeded the limit.
The limit exists to prevent a broken program
or a malicious user from swamping the system.
This message may occur for several reasons:
.Bl -enum -offset indent
.It
There are many hosts requesting the service within a short time period.
.It
A broken client program is requesting the service too frequently.
.It
A malicious user is running a program to invoke the service in
a denial-of-service attack.
.It
The invoked service program has an error that causes clients
to retry quickly.
.El
.Pp
Use the
.Fl R Ar rate
option,
as described above, to change the rate limit.
Once the limit is reached, the service will be
reenabled automatically in 10 minutes.
.Pp
.It Xo
.Ar service Ns / Ns Ar protocol :
.No \&No such user
.Ar user ,
.No service ignored
.Xc
.It Xo
.Ar service Ns / Ns Ar protocol :
.No getpwnam :
.Ar user :
.No \&No such user
.Xc
No entry for
.Ar user
exists in the
.Xr passwd 5
database.
The first message
occurs when
.Nm
(re)reads the configuration file.
The second message occurs when the
service is invoked.
.Pp
.It Xo
.Ar service :
.No can't set uid
.Ar uid
.Xc
.It Xo
.Ar service :
.No can't set gid
.Ar gid
.Xc
The user or group ID for the entry's
.Ar user
field is invalid.
.Pp
.It "setsockopt(SO_PRIVSTATE): Operation not supported"
The
.Nm
program attempted to renounce the privileged state associated with a
socket but was unable to.
.El
.Sh SEE ALSO
.Xr hosts_access 5 ,
.Xr hosts_options 5 ,
.Xr ipsec_set_policy 3 ,
.Xr login.conf 5 ,
.Xr passwd 5 ,
.Xr rpc 5 ,
.Xr services 5 ,
.Xr comsat 8 ,
.Xr fingerd 8 ,
.Xr ftpd 8 ,
.Xr portmap 8 ,
.Xr rexecd 8 ,
.Xr rlogind 8 ,
.Xr rshd 8 ,
.Xr telnetd 8 ,
.Xr tftpd 8
.Rs
.%A Michael C. St. Johns
.%T Identification Protocol
.%O RFC1413
.Re
.Sh HISTORY
The
.Nm
command appeared in
.Bx 4.3 .
TCPMUX is based on code and documentation by Mark Lottor.
Support for
.Tn "ONC RPC"
based services is modeled after that
provided by
.Tn SunOS
4.1.
The IPsec hack was contributed by the KAME project in 1999.
The
.Fx
TCP Wrappers support first appeared in
.Fx 3.2 .
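.Pp
As an added example, not inetd's own code, the following Python models the three per-service limits this page describes (the -R service rate with its "server failing (looping), service terminated." message and 10-minute disable, the per-IP max-connections-per-ip-per-minute drop, and max-child queueing) so that the effect of each setting on a constructed burst of connections can be seen. The ServiceGate class, its decision strings and the log messages are constructed for the example.

```python
# Added example, not inetd's own code: a model of the three per-service
# limits described in inetd(8), showing which one stops a burst of connects.
from collections import deque

class ServiceGate:
    """Admission control for one inetd service (constructed model).

    rate:      service-wide invocations per minute (-R, inetd default 256);
               exceeding it logs "server failing (looping), service
               terminated." and the service stays disabled for 10 minutes.
    per_ip:    max-connections-per-ip-per-minute / -C (0 = unlimited); the
               excess from that address is dropped until the minute ends.
    max_child: max-child / -c for a nowait service (0 = no maximum); the
               excess is queued until a child exits.
    """
    def __init__(self, name, rate=256, per_ip=0, max_child=0):
        self.name, self.rate = name, rate
        self.per_ip, self.max_child = per_ip, max_child
        self.spawns = deque()       # spawn times within the last 60 seconds
        self.by_ip = {}             # ip -> (calendar minute, connections)
        self.children = 0
        self.disabled_until = None
        self.log = []               # messages inetd would send to syslog

    def admit(self, now, ip):
        """Return 'spawn', 'queue', 'drop' or 'disabled' for one connection."""
        if self.disabled_until is not None:
            if now < self.disabled_until:
                return "disabled"
            self.disabled_until = None      # re-enabled after 10 minutes
            self.log.append("%s: service re-enabled" % self.name)
        if self.per_ip:
            minute, count = self.by_ip.get(ip, (None, 0))
            if minute != now // 60:         # a new minute resets the count
                minute, count = now // 60, 0
            if count >= self.per_ip:
                self.log.append("%s: dropping %s, per-IP limit" % (self.name, ip))
                return "drop"
            self.by_ip[ip] = (minute, count + 1)
        while self.spawns and self.spawns[0] <= now - 60:
            self.spawns.popleft()           # forget spawns older than a minute
        if len(self.spawns) >= self.rate:
            self.disabled_until = now + 600
            self.log.append("%s: server failing (looping), service terminated."
                            % self.name)
            return "disabled"
        if self.max_child and self.children >= self.max_child:
            return "queue"                  # caller retries after child_exited()
        self.spawns.append(now)
        self.children += 1
        return "spawn"

    def child_exited(self):
        self.children = max(0, self.children - 1)

def burst(gate, ips, start=0):
    """Feed one connection per ip (constructed burst) and tally the decisions."""
    tally = {}
    for i, ip in enumerate(ips):
        d = gate.admit(start + i * 0.1, ip)
        tally[d] = tally.get(d, 0) + 1
    return tally
```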