identd and xinetd
Bill Tangren
bjt at aa.usno.navy.mil
Thu Mar 17 16:42:36 UTC 2005
Hello all,
I am running RHEL ES 4, and I am trying to get identd to run under
xinetd (behind a firewall, of course!). I want my inn server to use
identd to verify that those who are logging in to my server to post
newsgroup messages a) have an account on the machine, and b) are using
the ssl port (563) only through the firewall. I have been posting my
difficulties on the inn-workers listserv, and have concluded that the
problem I am currently having is with the identd server. I installed
version 1.3 of Linux-identd. I have set up identd in /etc/xinetd.d this way:
service auth
{
        socket_type = stream
        protocol    = tcp
        wait        = yes
        user        = nobody
        server      = /usr/sbin/in.identd
        server_args = in.identd -l -e
        disable     = no
}
I tested this by running tcpdump:
# tcpdump -l -i lo | grep auth
From another terminal window on the local server, I typed:
$ telnet localhost auth
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
Connection closed by foreign host.
$
This fails quickly. This is the tcpdump output:
10:32:50.852063 IP news.server.com.33283 > news.server.com.auth: S 126727716:126727716(0) win 32767 <mss 16396>
10:32:50.852356 IP news.server.com.auth > news.server.com.33283: S 142417215:142417215(0) ack 126727717 win 32767 <mss 16396>
10:32:50.852419 IP news.server.com.33283 > news.server.com.auth: . ack 1 win 32767
10:32:50.925271 IP news.server.com.auth > news.server.com.33283: R 1:1(0) ack 1 win 32767
According to http://www.mandrakehelp.com/identd-HOWTO-4.html, this is
not how identd should behave.
I believe that telnet should not have been summarily closed in that fashion.
I've been researching on the Internet, and in the archives of this list.
No joy.
What am I doing wrong?
Bill Tangren
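
Added example, not part of the original post: a small RFC 1413 probe in Python that sends a real ident query instead of an empty telnet session and reports whether the daemon replied, refused the connection, or dropped it after the handshake as in the trace above. The function names and the choice to query about the probe's own connection are assumptions of this example; the sample reply is constructed.

```python
import socket

def build_query(port_on_server, port_on_client):
    """RFC 1413 query line: '<port-on-server> , <port-on-client>' plus CRLF."""
    return f"{port_on_server} , {port_on_client}\r\n".encode("ascii")

def parse_reply(line):
    """Parse one RFC 1413 reply line; raise ValueError if it is malformed."""
    fields = line.rstrip("\r\n").split(":", 3)
    if len(fields) < 3:
        raise ValueError(f"not an ident reply: {line!r}")
    server_port, client_port = (int(p) for p in fields[0].split(","))
    kind = fields[1].strip().upper()
    reply = {"server_port": server_port, "client_port": client_port, "kind": kind}
    if kind == "ERROR":
        reply["error"] = ":".join(fields[2:]).strip()
    elif kind == "USERID" and len(fields) == 4:
        reply["opsys"] = fields[2].split(",")[0].strip()  # drop optional charset
        # Stripped for comparison; RFC 1413 treats spaces after the colon
        # as part of the identifier.
        reply["user"] = fields[3].strip()
    else:
        raise ValueError(f"unknown ident reply type: {line!r}")
    return reply

def probe(host, port=113, timeout=3.0):
    """Ask the ident server about our own connection to it; classify the result."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            # Port pair as seen from the server: its listening port, our source port.
            s.sendall(build_query(port, s.getsockname()[1]))
            data = s.makefile("rb").readline(1024)
    except ConnectionRefusedError:
        return "refused", None   # nothing is listening on the port
    except ConnectionError:
        return "dropped", None   # reset after the handshake, before any reply
    except socket.timeout:
        return "timeout", None   # accepted but never answered
    if not data:
        return "dropped", None   # closed cleanly without sending a reply
    # Any well-formed reply, including ERROR, shows the daemon is answering.
    return "reply", parse_reply(data.decode("latin-1"))

if __name__ == "__main__":
    print(probe("localhost"))
    # Constructed sample reply in the RFC 1413 format:
    print(parse_reply("6193, 23 : USERID : UNIX : stjohns"))
```

A "dropped" result matches the handshake-then-reset pattern in the tcpdump output; a "reply" result of either kind means xinetd started the daemon and it stayed up long enough to answer.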