tcpd(8)
NAME
tcpd, tcpdp - waits for a TCP connection request and starts a server
SYNOPSIS
tcpd [-d] [-m maxclients] service program [arg...]
DESCRIPTION
Tcpd is a daemon, that is, a user-space program that is normally started
when the operating system is started and that normally does not terminate
until the system is shut down. Conceptually, you can think of tcpd as
doing nothing but listening to a port for a connection attempt. Several
copies of tcpd will typically be started, one for each service that is to
be provided. When a connection is detected the tcpd for that port forks
and then the child process execs an instance of the server for that port.
The above description is simplified. Normally two versions of the tcpd.c
source code are compiled. Tcpd is the one that waits for a connection.
When a connection occurs tcpd forks. If tcpd was started with options or
if the child detects that the access control file /etc/serv.access
exists, the child will exec its paranoid twin, tcpdp, which checks that
the connection attempt is from an allowed node or network, or that it is
not from a disallowed node or network. Tcpdp also tries to look up the
name corresponding to an IP address, and denies the connection if a name
cannot be found. Finally, tcpdp determines whether the connection is
supposed to be logged. If all is well, the child tcpd or tcpdp then execs
the server for the service with any arguments specified on the command
line for that server.
OPTIONS
-d turn on debugging.
-m allow no more than the specified maxclients to start.
EXAMPLES
tcpd telnet in.telnetd &
# wait for a telnet connection on the normal port
tcpd 8000 in.httpd /etc/httpd8000.conf &
# wait for web page request on port 8000 and use a
custom config file for the in.httpd program.
Note that command lines must be terminated with "&" to return control to
the calling process, leaving the daemon executing as a background
process.
The above examples show how tcpd might be invoked from /etc/rc or another
script that runs during system initialization. You will also see this in
the supplied startup scripts:
daemonize tcpd shell in.rshd
# daemonize is a shell function that tests whether a
daemon is present and starts it if so, using the & to
start it in the background.
Another case that should be mentioned is that when a system administrator
wants to start (or restart) a daemon from a command line, intr(8) should
be used, like this:
intr -d tcpd telnet in.telnetd &
# remove the daemon from a process group and connect
its input to /dev/null and its output to /dev/log.
FILES
/etc/serv.access The access control file.
SEE ALSO
execve(2), fork(2), intr(8), serv.access(5).
NOTES
That daemons cannot daemonize themselves is a way in which Minix differs
from most other Unix-like systems.
Allowing access to your system from the net is dangerous. Be sure you
know what you are doing. Be sure the owner of your net knows what you are
doing. Don't enable services you don't need. Enable logging and look at
your logs.
BUGS
None known, let us know...
AUTHOR
Kees J. Bot <kjb@cs.vu.nl>
Man page by Al Woodhull <asw@woodhull.com>
VERSION NOTE
This man page is applicable to Minix 2 and Minix 3 releases through Minix
3.1.2a. This page was not part of the standard set of man pages for Minix
releases through Minix 3.1.2a.