svn commit: r43706 - in head/en_US.ISO8859-1/books/handbook: advanced-networking network-servers
Dru Lavigne
dru at FreeBSD.org
Fri Jan 31 15:30:55 UTC 2014
Author: dru
Date: Fri Jan 31 15:30:54 2014
New Revision: 43706
URL: http://svnweb.freebsd.org/changeset/doc/43706
Log:
First 1/2 of edits to this section.
Shuffle content into a more logical order and clarify text.
Rename a few sub-sections and remove reference to a section that was merged into another section.
Sponsored by: iXsystems
Modified:
head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml
head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml
Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml
==============================================================================
--- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Jan 30 23:42:09 2014 (r43705)
+++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Fri Jan 31 15:30:54 2014 (r43706)
@@ -4232,7 +4232,7 @@ cd /usr/src/etc; make distribution</prog
<step>
<para>Enable &man.inetd.8; by following the steps outlined
- in <xref linkend="network-inetd-settings"/>.</para>
+ in <xref linkend="network-inetd-conf"/>.</para>
</step>
<step>
Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml
==============================================================================
--- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Thu Jan 30 23:42:09 2014 (r43705)
+++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Fri Jan 31 15:30:54 2014 (r43706)
@@ -132,20 +132,20 @@
-->
<title>The <application>inetd</application>
- <quote>Super-Server</quote></title>
+ Super-Server</title>
<sect2 xml:id="network-inetd-overview">
- <title>Overview</title>
- <para>The &man.inetd.8; daemon is sometimes referred to as the
- <quote>Internet Super-Server</quote> because it manages
- connections for many services. When a connection is received
- by <application>inetd</application>, it determines which
- program the connection is destined for, spawns the particular
- process and delegates the socket to it (the program is invoked
- with the service socket as its standard input, output and
- error descriptors). Running <application>inetd</application>
- for servers that are not heavily used can reduce the overall
+ <para>The &man.inetd.8; daemon is sometimes referred to as a
+ Super-Server because it manages
+ connections for many services. Instead of starting multiple
+ applications, only the <application>inetd</application> service
+ needs to be started. When a connection is received
+ for a service that is managed by <application>inetd</application>, it determines which
+ program the connection is destined for, spawns a
+ process for that program, and delegates the program a socket.
+ Using <application>inetd</application>
+ for services that are not heavily used can reduce
system load, when compared to running each daemon individually
in stand-alone mode.</para>
@@ -155,133 +155,44 @@
<application>auth</application>, and
<application>daytime</application>.</para>
- <para>This section covers the basics in configuring
- <application>inetd</application> through its command-line
- options and its configuration file,
- <filename>/etc/inetd.conf</filename>.</para>
- </sect2>
-
- <sect2 xml:id="network-inetd-settings">
- <title>Settings</title>
-
- <para><application>inetd</application> is initialized through
- the &man.rc.8; system. The <literal>inetd_enable</literal>
- option is set to <literal>NO</literal> by default. It can be
- enabled by placing:</para>
-
- <programlisting>inetd_enable="YES"</programlisting>
-
- <para>into <filename>/etc/rc.conf</filename>.
- <application>inetd</application> will now start at boot time.
- The command:</para>
-
- <screen>&prompt.root; <userinput>service inetd rcvar</userinput></screen>
-
- <para>can be run to display the current effective
- setting.</para>
-
- <para>Additionally, different command-line options can be passed
- to <application>inetd</application> via the
- <literal>inetd_flags</literal> option.</para>
- </sect2>
-
- <sect2 xml:id="network-inetd-cmdline">
- <title>Command-Line Options</title>
-
- <para>Like most server daemons, <application>inetd</application>
- has a number of options that it can be passed in order to
- modify its behaviour. Refer to &man.inetd.8; for
- the full list of options.</para>
-
- <para>Options can be passed to <application>inetd</application>
- using the <literal>inetd_flags</literal> option in
- <filename>/etc/rc.conf</filename>. By default,
- <literal>inetd_flags</literal> is set to
- <literal>-wW -C 60</literal>, which turns on TCP wrapping for
- <application>inetd</application>'s services, and prevents any
- single <acronym>IP</acronym> address from requesting any
- service more than 60 times in any given minute.</para>
-
- <para>Although we mention rate-limiting options below, novice
- users may be pleased to note that these parameters usually do
- not need to be modified. These options may be useful if
- an excessive amount of connections are being established.
- A full list of options can be found in
- &man.inetd.8;.</para>
-
- <variablelist>
- <varlistentry>
- <term>-c maximum</term>
-
- <listitem>
- <para>Specify the default maximum number of simultaneous
- invocations of each service; the default is unlimited.
- May be overridden on a per-service basis with the
- <option>max-child</option> parameter.</para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term>-C rate</term>
-
- <listitem>
- <para>Specify the default maximum number of times a
- service can be invoked from a single
- <acronym>IP</acronym> address in one minute; the default
- is unlimited. May be overridden on a per-service basis
- with the
- <option>max-connections-per-ip-per-minute</option>
- parameter.</para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term>-R rate</term>
-
- <listitem>
- <para>Specify the maximum number of times a service can be
- invoked in one minute; the default is 256. A rate of 0
- allows an unlimited number of invocations.</para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term>-s maximum</term>
-
- <listitem>
- <para>Specify the maximum number of times a service can be
- invoked from a single <acronym>IP</acronym> address at
- any one time; the default is unlimited. May be
- overridden on a per-service basis with the
- <option>max-child-per-ip</option> parameter.</para>
- </listitem>
- </varlistentry>
- </variablelist>
+ <para>This section covers the basics of configuring
+ <application>inetd</application>.</para>
</sect2>
<sect2 xml:id="network-inetd-conf">
- <!-- XXX This section is not very clear and could do with some tlc -->
- <title><filename>inetd.conf</filename></title>
+ <title>Configuration File</title>
<para>Configuration of <application>inetd</application> is
- done by editing <filename>/etc/inetd.conf</filename>.</para>
+ done by editing <filename>/etc/inetd.conf</filename>. Each line of this configuration file represents an application
+ which can be started by <application>inetd</application>. By
+ default, every line starts with a comment
+ (<literal>#</literal>), meaning that <application>inetd</application>
+ is not listening for any applications. To configure
+ <application>inetd</application> to listen for an application's
+ connections, remove the <literal>#</literal> at the beginning of
+ the line for that application.</para>
- <para>When a modification is made to
- <filename>/etc/inetd.conf</filename>,
- <application>inetd</application> can be forced to re-read its
- configuration file by running the command:</para>
+ <para>After saving your edits, configure <application>inetd</application>
+ to start at system boot by editing <filename>/etc/rc.conf</filename>:</para>
- <example xml:id="network-inetd-reread">
- <title>Reloading the <application>inetd</application>
- Configuration File</title>
+ <programlisting>inetd_enable="YES"</programlisting>
- <screen>&prompt.root; <userinput>service inetd reload</userinput></screen>
- </example>
+ <para>To start
+ <application>inetd</application> now, so that it listens for
+ the service you configured, type:</para>
+
+ <screen>&prompt.root; <userinput>service inetd start</userinput></screen>
+
+ <para>Typically, the default entry for an application does not
+ need to be edited beyond removing the <literal>#</literal>.
+ In some situations, it may be appropriate to edit the default
+ entry.</para>
+
+ <para>As an example, this is the default entry for &man.ftpd.8; using IPv4:</para>
+
+ <programlisting>ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l</programlisting>
- <para>Each line of the configuration file specifies an
- individual daemon. Comments in the file are preceded by a
- <quote>#</quote>. The format of each entry in
- <filename>/etc/inetd.conf</filename> is as follows:</para>
+ <para>The seven columns in an entry are as follows:</para>
<programlisting>service-name
socket-type
@@ -291,10 +202,7 @@ user[:group][/login-class]
server-program
server-program-arguments</programlisting>
- <para>An example entry for the &man.ftpd.8; daemon using IPv4
- might read:</para>
-
- <programlisting>ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l</programlisting>
+ <para>where:</para>
<variablelist>
<varlistentry>
@@ -489,6 +397,95 @@ server-program-arguments</programlisting
</listitem>
</varlistentry>
</variablelist>
+
+ <para>When a modification is made to
+ <filename>/etc/inetd.conf</filename>,
+ <application>inetd</application> can be forced to re-read its
+ configuration file by running the command:</para>
+
+ <example xml:id="network-inetd-reread">
+ <title>Reloading the <application>inetd</application>
+ Configuration File</title>
+
+ <screen>&prompt.root; <userinput>service inetd reload</userinput></screen>
+ </example>
+ </sect2>
+
+ <sect2 xml:id="network-inetd-cmdline">
+ <title>Command-Line Options</title>
+
+ <para>Additionally, different command-line options can be passed
+ to <application>inetd</application> via the
+ <literal>inetd_flags</literal> option.</para>
+ <para>Like most server daemons, <application>inetd</application>
+ has a number of options that it can be passed in order to
+ modify its behaviour. Refer to &man.inetd.8; for
+ the full list of options.</para>
+
+ <para>Options can be passed to <application>inetd</application>
+ using the <literal>inetd_flags</literal> option in
+ <filename>/etc/rc.conf</filename>. By default,
+ <literal>inetd_flags</literal> is set to
+ <literal>-wW -C 60</literal>, which turns on TCP wrapping for
+ <application>inetd</application>'s services, and prevents any
+ single <acronym>IP</acronym> address from requesting any
+ service more than 60 times in any given minute.</para>
+
+ <para>Although we mention rate-limiting options below, novice
+ users may be pleased to note that these parameters usually do
+ not need to be modified. These options may be useful if
+ an excessive amount of connections are being established.
+ A full list of options can be found in
+ &man.inetd.8;.</para>
+
+ <variablelist>
+ <varlistentry>
+ <term>-c maximum</term>
+
+ <listitem>
+ <para>Specify the default maximum number of simultaneous
+ invocations of each service; the default is unlimited.
+ May be overridden on a per-service basis with the
+ <option>max-child</option> parameter.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-C rate</term>
+
+ <listitem>
+ <para>Specify the default maximum number of times a
+ service can be invoked from a single
+ <acronym>IP</acronym> address in one minute; the default
+ is unlimited. May be overridden on a per-service basis
+ with the
+ <option>max-connections-per-ip-per-minute</option>
+ parameter.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-R rate</term>
+
+ <listitem>
+ <para>Specify the maximum number of times a service can be
+ invoked in one minute; the default is 256. A rate of 0
+ allows an unlimited number of invocations.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-s maximum</term>
+
+ <listitem>
+ <para>Specify the maximum number of times a service can be
+ invoked from a single <acronym>IP</acronym> address at
+ any one time; the default is unlimited. May be
+ overridden on a per-service basis with the
+ <option>max-child-per-ip</option> parameter.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
</sect2>
<sect2 xml:id="network-inetd-security">
More information about the svn-doc-all
mailing list