[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sheflug] inetd
On Wed, May 24, 2000 at 09:41:24AM +0100, kbarrass wrote:
> Is it possible to configure inetd to listen to a single ip address or
> device i.e eth0:1 so I can provide different services on different ad
>dresses.
Stephen has already mentioned xinetd; I've been using this myself.
I have a number of machines with several IP addresses, some of
which are shared between them. In general, I don't want people
to use the unique addresses to telnet/ftp/ssh/whatever; I want
them to use the service address, which is shared among the
servers. So my xinetd.conf looks like this:
defaults
{
log_type = SYSLOG auth
only_from = 130.88.201.62
log_on_failure = HOST USER RECORD
}
service telnet
{
socket_type = stream
protocol = tcp
wait = no
user = root
group = telnetd
server = /usr/sbin/in.telnetd
only_from = 0.0.0.0
bind = 130.88.203.157
}
and so on. So you see this means that (for testing purposes)
this machine accepts incoming connections only from 130.88.201.62
unless otherwise specified. For telnet, I override this, allowing
connections from anywhere, provided they use the (shared) IP
address 130.88.203.157; anyone using the direct address gets
'connection refused'.
I haven't got the ftp part of it working properly yet. As to
ssh, which is not controlled by xinetd, it is configurable in
sshd_config.
-- Owen
LeBlanc [at] mcc.ac.uk
-- Owen
LeBlanc [at] mcc.ac.uk
---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word
"unsubscribe" in the body of the message.
GNU the choice of a complete generation.
- References:
- [Sheflug] inetd
- From: "kbarrass" <kbarrass [at] minsthorpecc.wakefld.sch.uk>