identd and xinetd

[Bill Tangren]

Hello all,

I am running RHEL ES 4, and I am trying to get identd to run under 
xinetd (behind a firewall, of course!). I want my inn server to use 
identd to verify that those who are logging in to my server to post 
newsgroup messages a) have an account on the machine, and b) are using 
the ssl port (563) only through the firewall. I have been posting my 
difficulties on the inn-workers listserv, and have concluded that the 
problem I am currently having is with the identd server. I installed 
version 1.3 of Linux-identd. I have set up identd in /etc/xinetd.d this way:

service auth
{
          socket_type             = stream
          protocol                = tcp
          wait                    = yes
          user                    = nobody
          server                  = /usr/sbin/in.identd
          server_args             = in.identd -l -e
          disable                 = no
}

I tested this by running tcpdump:

# tcpdump -l -i lo | grep auth

 From another terminal window on the local server, I typed:


$ telnet localhost auth
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
Connection closed by foreign host.
$

This fails quickly.  This is the tcpdump output:


10:32:50.852063 IP news.server.com.33283 > news.server.com.auth: S
126727716:126727716(0) win 32767 <mss 16396>

10:32:50.852356 IP news.server.com.auth > news.server.com.33283: S
142417215:142417215(0) ack 126727717 win 32767 <mss 16396>

10:32:50.852419 IP news.server.com.33283 > news.server.com.auth: . ack 1
win 32767

10:32:50.925271 IP news.server.com.auth > news.server.com.33283: R
1:1(0) ack 1 win 32767

According to http://www.mandrakehelp.com/identd-HOWTO-4.html, this is
not how identd should behave.

I believe that telnet should not have been summarily closed in that fashion.

I've been researching in the Internet, and in the archives of this list. 
No joy.

What am I doing wrong?

Bill Tangren