On 5/25/05, Steven M. Bellovin <smb@cs.columbia.edu> wrote:
> In message <78a2305a05052509541e8fb153@mail.gmail.com>, Andy Ruhl writes:
> >I'm still working on this migration thing for my server. I've started
> >to get a few things up and running, but I have some general questions:
> >
> >1. FreeBSD's inetd (I know I know, shouldn't use it blah blah :) is
> >able to decide which address it's going to listen on. This was handy
> >because I find it convenient to use it on my internal network, but of
> >course I don't want it listening on my external network. Is there some
> >nice way to achieve this for NetBSD, other than writing a rule to
> >block things that the inetd will listen for? I suppose I could use
> >wrappers too...
>=20
> You can list IP addresses on a per-service basis in inetd.conf.
> >
> >3. Is there a way to turn on and off multi cpu support without a
> >recompile? Probably a stupid question... I may be moving this NetBSD
> >install to a multi cpu machine at some point.
> >
> I don't think there is any way.

Thanks guys. I didn't read the inetd man page closely enough. And I
had never previously seen this syntax. So for example:

192.168.1.1:telnet   stream  tcp     nowait  root  =20
/usr/libexec/telnetd telnetd

I confirmed with netstat -an that port 23 is only listening on
192.168.1.1, not *.23.

Thanks for that.

Might still be nice to just restrict the entire inetd to an address or
interface, but this will do nicely.

Andy