diff --git a/usr.sbin/inetd/inetd.conf b/usr.sbin/inetd/inetd.conf index 09dfbab66496..84ba309f0b0c 100644 --- a/usr.sbin/inetd/inetd.conf +++ b/usr.sbin/inetd/inetd.conf @@ -1,149 +1,149 @@ # $FreeBSD$ # # Internet server configuration database # # Define *both* IPv4 and IPv6 entries for dual-stack support. # To disable a service, comment it out by prefixing the line with '#'. # To enable a service, remove the '#' at the beginning of the line. # #ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l #ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -l #ssh stream tcp nowait root /usr/sbin/sshd sshd -i -4 #ssh stream tcp6 nowait root /usr/sbin/sshd sshd -i -6 -#telnet stream tcp nowait root /usr/libexec/telnetd telnetd -#telnet stream tcp6 nowait root /usr/libexec/telnetd telnetd +#telnet stream tcp nowait root /usr/local/libexec/telnetd telnetd +#telnet stream tcp6 nowait root /usr/local/libexec/telnetd telnetd #shell stream tcp nowait root /usr/local/sbin/rshd rshd #shell stream tcp6 nowait root /usr/local/sbin/rshd rshd #login stream tcp nowait root /usr/local/sbin/rlogind rlogind #login stream tcp6 nowait root /usr/local/sbin/rlogind rlogind #finger stream tcp nowait/3/10 nobody /usr/libexec/fingerd fingerd -k -s #finger stream tcp6 nowait/3/10 nobody /usr/libexec/fingerd fingerd -k -s # # run comsat as root to be able to print partial mailbox contents w/ biff, # or use the safer tty:tty to just print that new mail has been received. #comsat dgram udp wait tty:tty /usr/libexec/comsat comsat # # ntalk is required for the 'talk' utility to work correctly #ntalk dgram udp wait tty:tty /usr/libexec/ntalkd ntalkd #tftp dgram udp wait root /usr/libexec/tftpd tftpd -l -s /tftpboot #tftp dgram udp6 wait root /usr/libexec/tftpd tftpd -l -s /tftpboot #bootps dgram udp wait root /usr/libexec/bootpd bootpd # # "Small servers" -- used to be standard on, but we're more conservative # about things due to Internet security concerns. Only turn on what you # need. # #daytime stream tcp nowait root internal #daytime stream tcp6 nowait root internal #daytime dgram udp wait root internal #daytime dgram udp6 wait root internal #time stream tcp nowait root internal #time stream tcp6 nowait root internal #time dgram udp wait root internal #time dgram udp6 wait root internal #echo stream tcp nowait root internal #echo stream tcp6 nowait root internal #echo dgram udp wait root internal #echo dgram udp6 wait root internal #discard stream tcp nowait root internal #discard stream tcp6 nowait root internal #discard dgram udp wait root internal #discard dgram udp6 wait root internal #chargen stream tcp nowait root internal #chargen stream tcp6 nowait root internal #chargen dgram udp wait root internal #chargen dgram udp6 wait root internal # # CVS servers - for master CVS repositories only! You must set the # --allow-root path correctly or you open a trivial to exploit but # deadly security hole. # #cvspserver stream tcp nowait root /usr/local/bin/cvs cvs --allow-root=/your/cvsroot/here pserver #cvspserver stream tcp nowait root /usr/local/bin/cvs cvs --allow-root=/your/cvsroot/here kserver # # RPC based services (you MUST have rpcbind running to use these) # #rstatd/1-3 dgram rpc/udp wait root /usr/libexec/rpc.rstatd rpc.rstatd #rusersd/1-2 dgram rpc/udp wait root /usr/libexec/rpc.rusersd rpc.rusersd #walld/1 dgram rpc/udp wait root /usr/libexec/rpc.rwalld rpc.rwalld #rquotad/1 dgram rpc/udp wait root /usr/libexec/rpc.rquotad rpc.rquotad #rquotad/1 dgram rpc/udp6 wait root /usr/libexec/rpc.rquotad rpc.rquotad #sprayd/1 dgram rpc/udp wait root /usr/libexec/rpc.sprayd rpc.sprayd # # example entry for the optional imap4 server # #imap4 stream tcp nowait root /usr/local/libexec/imapd imapd # # example entry for the optional nntp server # #nntp stream tcp nowait news /usr/local/libexec/nntpd nntpd # # example entry for the optional uucpd server # #uucpd stream tcp nowait root /usr/local/libexec/uucpd uucpd # # Return error for all "ident" requests # #auth stream tcp nowait root internal #auth stream tcp6 nowait root internal # # Provide internally a real "ident" service which provides ~/.fakeid support, # provides ~/.noident support, reports UNKNOWN as the operating system type # and times out after 30 seconds. # #auth stream tcp nowait root internal auth -r -f -n -o UNKNOWN -t 30 #auth stream tcp6 nowait root internal auth -r -f -n -o UNKNOWN -t 30 # # Example entry for an external ident server # #auth stream tcp wait root /usr/local/sbin/identd identd -w -t120 # # Example entry for the optional qmail MTA # NOTE: This is no longer the correct way to handle incoming SMTP # connections for qmail. Use tcpserver (http://cr.yp.to/ucspi-tcp.html) # instead. # #smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env tcp-env /var/qmail/bin/qmail-smtpd # # Example entry for Samba sharing for the SMB protocol # # Enable the first two entries to enable Samba startup from inetd (according to # the Samba documentation). Enable the third entry only if you have other # NetBIOS daemons listening on your network. Enable the fourth entry to use # the swat Samba configuration tool. #netbios-ssn stream tcp nowait root /usr/local/sbin/smbd smbd #microsoft-ds stream tcp nowait root /usr/local/sbin/smbd smbd #netbios-ns dgram udp wait root /usr/local/sbin/nmbd nmbd #swat stream tcp nowait/400 root /usr/local/sbin/swat swat # # Example entry for the Prometheus sysctl metrics exporter # #prom-sysctl stream tcp nowait nobody /usr/sbin/prometheus_sysctl_exporter prometheus_sysctl_exporter -dgh # # Example entry for the CTL exporter #prom-ctl stream tcp nowait root /usr/bin/ctlstat ctlstat -P # # Example entry for insecure rsync server # This is best combined with encrypted virtual tunnel interfaces, which can be # found with: apropos if_ | grep tunnel #rsync stream tcp nowait root /usr/local/bin/rsyncd rsyncd --daemon # # Let the system respond to date requests via tcpmux #tcpmux/+date stream tcp nowait guest /bin/date date # # Let people access the system phonebook via tcpmux #tcpmux/phonebook stream tcp nowait guest /usr/local/bin/phonebook phonebook # # Make kernel statistics accessible #rstatd/1-3 dgram rpc/udp wait root /usr/libexec/rpc.rstatd rpc.rstatd # # Use netcat as a one-shot HTTP proxy with nc (from freebsd-tips fortune) #http stream tcp nowait nobody /usr/bin/nc nc -N dest-ip 80 # # Set up a unix socket at /var/run/echo that echo's back whatever is written to it. #/var/run/echo stream unix nowait root internal # # Run chargen for IPsec Authentication Headers #@ ipsec ah/require #chargen stream tcp nowait root internal #@