xinetd

最後更新: 2015-06-01

介紹

super-server: only daemon process started and it listens on all service ports for the services

multi-threaded: forking of a new server process for each new connection request

single-threaded: xinetd will stop handling new requests for them until the server dies.

 

Check version

xinetd -version

xinetd Version 2.3.14 libwrap loadavg

Usage:

xinetd [-d] [-f config_file] [-filelog filename] [-syslog facility] [-reuse] [-limit proc_limit] [-pidfile filename] [-logprocs limit] [-shutdownprocs limit] [-cc interval]

有用的 opts

-d                           # debug  <-- 相當有用, 因為 Default 有錯都不會在 stdout 看到

-limit proc_limit       # number of concurrently running processes that can be started by xinetd.

xinetd -d -f /etc/xinetd.conf

12/4/28@00:20:39: DEBUG: 9132 {handle_includedir} Reading included configuration file: /etc/xinetd.d/munin [file=/etc/xinetd.conf] [line=6]
12/4/28@00:20:39: ERROR: 9132 {check_entry} service/protocol combination not in /etc/services: munin/tcp

/etc/xinetd.conf

defaults
{
    # ............
    log_type = SYSLOG daemon info
}
includedir /etc/xinetd.d

# 每一個 Service 的額外設定檔:

/etc/xinetd.d/file

service <service_name>
{
       <attribute> <assign_op> <value> <value> ...
       ...
}

assign_op

'=' 

'+= means adding a value to the set

'-=' means removing  a  value  from  the  set.

Example:

/etc/xinetd.d/munin-node

service munin
{
        disable         = no
        socket_type     = stream
        protocol        = tcp
        wait            = no
        instances       = 1
        user            = munin-node
        group           = munin-node
        only_from       = 192.168.88.175
        server          = /usr/bin/munin-node
        log_type        = /var/log/munin-node.log
        log_on_failure  = HOST
        log_on_success  = HOST
}

 

user:
group:

執行的 permission

disable

"yes" or "no"

socket_type:

stream | dgram | raw | seqpacket

一般而言, 都是用 stream

only_from:

X.X.X.X/32                          # list of IP addresses

wait:

yes => single-threaded

no => xinetd will keep handling new service requests and xinetd will accept the connection.

server:

server_args:

the  arguments  passed  to  the server

cps:

cps m n

m    # incoming connections is higher than this, the service will  be temporarily disabled.

n     # seconds to wait before re-enabling the service (default 10)

max_load:

load at which the service will stop accepting connections.

instances:          

number of servers that can be  simultaneously  active. Default: UNLIMITED

nice:

server priority

bind

Allows a service to be bound to a specific interface on the machine

flags

NOLIBWRAP   This  disables  internal calling of the tcpwrap library to determine access to the service.

IPv6        Sets the service to be an IPv6 service (AF_INET6), if IPv6 is available on the system.

IPv4        Sets the service to be an IPv4 service (AF_INET).

KEEPALIVE   If the service is a tcp service and the KEEPALIVE flag is set

NODELAY     If the service is a tcp service and the NODELAY flag is set

 

 


reload configure file

 

killall -HUP xinetd

 


DOC

man 5 xinetd.conf

 


Other