tcpd(8)


NAME
     tcpd, tcpdp - waits for a TCP connection request and starts a server

SYNOPSIS
     tcpd [-d] [-m maxclients] service program [arg...]

DESCRIPTION
     Tcpd is a daemon, that is, a user-space program that is normally  started
     when the operating system is started and that normally does not terminate
     until the system is shut down.  Conceptually, you can think  of  tcpd  as
     doing  nothing  but listening to a port for a connection attempt. Several
     copies of tcpd will typically be started, one for each service that is to
     be  provided.  When a connection is detected the tcpd for that port forks
     and then the child process execs an instance of the server for that port.

     The above description is simplified. Normally two versions of the  tcpd.c
     source  code  are  compiled. Tcpd is the one that waits for a connection.
     When a connection occurs tcpd forks.  If tcpd was started with options or
     if  the  child  detects  that  the  access  control file /etc/serv.access
     exists, the child will exec its paranoid twin, tcpdp, which  checks  that
     the  connection attempt is from an allowed node or network, or that it is
     not from a disallowed node or network. Tcpdp also tries to  look  up  the
     name  corresponding to an IP address, and denies the connection if a name
     cannot be found. Finally, tcpdp  determines  whether  the  connection  is
     supposed to be logged. If all is well, the child tcpd or tcpdp then execs
     the server for the service with any arguments specified  on  the  command
     line for that server.

OPTIONS

     -d   turn on debugging.

     -m   allow no more than the specified maxclients to start.

EXAMPLES

     tcpd telnet in.telnetd &
                         # wait for a telnet connection on the normal port

     tcpd 8000 in.httpd /etc/httpd8000.conf &
                         # wait for web page request on port 8000  and  use  a
                         custom config file for the in.httpd program.

     Note that command lines must be terminated with "&" to return control  to
     the  calling  process,  leaving  the  daemon  executing  as  a background
     process.

     The above examples show how tcpd might be invoked from /etc/rc or another
     script that runs during system initialization.  You will also see this in
     the supplied startup scripts:
     daemonize tcpd shell in.rshd
                         # daemonize is a shell function that tests whether  a
                         daemon is present and starts it if so, using the & to
                         start it in the background.

     Another case that should be mentioned is that when a system administrator
     wants  to start (or restart) a daemon from a command line, intr(8) should
     be used, like this:

     intr -d tcpd telnet in.telnetd &
                         # remove the daemon from a process group and  connect
                         its input to /dev/null and its output to /dev/log.

FILES

     /etc/serv.access         The access control file.

SEE ALSO
     execve(2), fork(2), intr(8), serv.access(5).

NOTES
     That daemons cannot daemonize themselves is a way in which Minix  differs
     from most other Unix-like systems.

     Allowing access to your system from the net is  dangerous.  Be  sure  you
     know what you are doing. Be sure the owner of your net knows what you are
     doing. Don't enable services you don't need.  Enable logging and look  at
     your logs.

BUGS
     None known, let us know...

AUTHOR
     Kees J. Bot <kjb@cs.vu.nl>

     Man page by Al Woodhull <asw@woodhull.com>

VERSION NOTE

     This man page is applicable to Minix 2 and Minix 3 releases through Minix
     3.1.2a. This page was not part of the standard set of man pages for Minix
     releases through Minix 3.1.2a.