Re: xinetd vs. inetd

[S.Salman Ahmed <ssahmed@pathcom.com>]

>>>>> "NA" == Nate Amsden <aphro@aphroland.org> writes:
    NA>  curious what do you need (x)inetd for on a firewall? perhaps
    NA> the only daemon running on such a system is ssh..which by
    NA> default runs outside of inetd/xinetd.
    NA> 
    NA> although xinetd is better, if it were my firewall i wouldnt have
    NA> either.
    NA> 

You right. I don't have anything in my current /etc/inetd.conf on the FW
except ident which I installed for irc. I have ssh running on the FW but
as you said, it runs outside of inetd/xinetd.

I was just curious about xinetd - something new to experiment with;
esp. since I saw a couple of articles about xinetd on some sites that
piqued my curiosity about sth that I had never used.

Actually, one reason that I now remember being interested in xinetd was
the ability to restrict certain services running on the FW box to the
internal network interface only (eth1 in my case).

Currently, the only service on my FW box that probably shouldn't be
there is Postfix which I use together with fetchmail to read email from
my ISP's POP account. Since I occasionally have to use Windows at home,
it is nice having a server on 24x7 to which I can ssh into (from the
internal net only) to check my email.

I was thinking of running other stuff on the same box (Apache, Postgres,
etc.) while using xinetd to restrict outside access alongwith ipchains
of course, until I pick up a cheap 486 to run as a dedicated FW.

-- 
Salman Ahmed
ssahmed AT pathcom DOT com