IPv6 Server: Internet super daemon (xinetd)

From OnnoWiki
Revision as of 07:03, 23 May 2013 by Onnowpurbo (talk | contribs) (New page: 22.2. Internet super daemon (xinetd) IPv6 is supported since xinetd version around 1.8.9. Always use newest available version. At least version 2.3.3 must be used, older versions can cont...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

22.2. Internet super daemon (xinetd)

IPv6 is supported since xinetd version around 1.8.9. Always use newest available version. At least version 2.3.3 must be used, older versions can contain remote exploitable security holes.

Some Linux distribution contain an extra package for the IPv6 enabled xinetd, some others start the IPv6-enabled xinetd if following variable is set: NETWORKING_IPV6="yes", mostly done by /etc/sysconfig/network (only valid for Red Hat like distributions). In newer releases, one binary supports IPv4 and IPv6.

If you enable a built-in service like e.g. daytime by modifying the configuration file in /etc/xinetd.d/daytime like

  1. diff -u /etc/xinetd.d/daytime.orig /etc/xinetd.d/daytime

--- /etc/xinetd.d/daytime.orig Sun Dec 16 19:00:14 2001 +++ /etc/xinetd.d/daytime Sun Dec 16 19:00:22 2001 @@ -10,5 +10,5 @@

       protocol = tcp 
       user = root 
       wait = no 

- disable = yes + disable = no

}

After restarting the xinetd you should get a positive result like:

  1. netstat -lnptu -A inet6 |grep "xinetd*"

tcp 0 0 ::ffff:192.168.1.1:993 :::* LISTEN 12345/xinetd-ipv6 tcp 0 0 :::13 :::* LISTEN 12345/xinetd-ipv6 <- service ¬ daytime/tcp tcp 0 0 ::ffff:192.168.1.1:143 :::* LISTEN 12345/xinetd-ipv6

Shown example also displays an IMAP and IMAP-SSL IPv4-only listening xinetd.

Note: earlier versions had a problem that an IPv4-only xinetd won't start on an IPv6-enabled node and also the IPv6-enabled xinetd won't start on an IPv4-only node. This is known to be fixed in later versions, at least version 2.3.11.