If the "server" attribute is specified, this attribute takes priority. This means you can have a telnet server listening on a local, secured interface, and not on the external interface. Or one port on one interface can do something, while the same port on a different interface can do something completely different.
This banner is printed regardless of access control. In paticular, if the protocol requires CR-LF pairs for line termination, you must supply them. This banner is printed as soon as access is granted for the service. This banner is printed immediately upon denial of access. This is useful for informing your users that they are doing something bad and they shouldn't be doing it anymore. This specifies the maximum instances of this service per source IP address.
This can also be specified in the defaults section. Takes two arguments. The first argument is the number of connections per second to handle. If the rate of incoming connections is higher than this, the service will be temporarily disabled. The second argument is the number of seconds to wait before re-enabling the service after it has been disabled.
The default for this setting is 50 incoming connections and the interval is 10 seconds. For example: 2 or 2. The service will stop accepting connections at this load. This is the one minute load average.
This feature is only avaliable if xinetd was configured with the -with-loadavg option. If the groups attribute is set to "yes", then the server is executed with access to the groups that the server's effective UID has access to. Alternatively, if the group attribute is set, the server is executed with access to the groups specified. If the groups attribute is set to "no", then the server runs with no supplementary groups. This attribute must be set to "yes" for many BSD systems. This attribute can be set in the defaults section as well.
On systems that support mdns registration of services currently only Mac OS X , this will enable or disable registration of the service. This defaults to "yes". Expects an octal value. This option may be set in the "defaults" section to set a umask for all services. Services in this group are usually datagram-based. So far, the only reason for the existence of a super-server was to conserve system resources by avoiding to fork a lot of processes which might be dormant for most of their lifetime.
While fulfilling this function, xinetd takes advantage of the idea of a super- server to provide features such as access control and logging. Therefore, anybody can use xinetd to start special-purpose servers. This produces a lot of debugging output, and it makes it possible to use a debugger on xinetd.
The following facility names are supported: daemon, auth, user, local[] check syslog. This option is ineffective in debug mode since all relevant messages are sent to the terminal. Messages are always appended to the file. See xinetd. You May Also Like. It then starts an instance of the requested service and passes control of the connection to it.
Once the connection is established, xinetd does not interfere further with communication between the client host and the server. It is read once when the xinetd service is started, so for configuration changes to take effect, the administrator must restart the xinetd service.
By default, the remote host's IP address and the process ID of server processing the request are recorded. If this limit is reached, the service is retired for 30 seconds.
0コメント