15.10. Creating an Extended Internet Service
If you want to enable a protocol that is not in the list on the main page, or redirect traffic from a particular port to another host, then you will need to create a new service using this module. The appropriate server program for the service must be installed first, unless you are setting a redirection. The steps to follow are:
1. | Click on the Create a new internet service above or below the list on the main page. This will take you to the creation form, similar to the one in Figure 15.5. |
2. | If the service is for a standard protocol like telnet or finger, enter its name in the Service name field. The Port number can then be left set to Standard. Otherwise, enter a unique name into the Service name field and set the Port number to the port you want the service to listen on. |
3. | If you want the service to be accessible only via a single IP address on your server, enter it into the Bind to address field. This can be useful if you have multiple virtual IP interfaces on your system and want different servers to listen on different addresses. |
4. | Set the Protocol field to the protocol you want the service to use, usually TCP. The Socket type field should be set to Stream for TCP protocol services, or Datagram for UDP services. |
5. | If your service is going to use a server program, set the Service handled by option to the Server program option and enter its command and any arguments into the field next to it—for example, /usr/sbin/in.telnetd –a. If the service is just redirecting traffic to another host, select the Redirect to host option and enter the destination hostname and port in the corresponding fields. Redirection can be useful for making services on an internal network system available to the rest of the Internet, if your firewall or gateway host is running xinetd. |
6. | In the Run as user field, enter the name of the UNIX user that the server program will be run as. This is not necessary for redirection services. |
7. | Unless the server program always completes very quickly, set the Wait until complete field to No. If you leave it set to Yes, xinetd will not process any more connections until the program finishes. |
8. | To limit the rate at which clients can connect, set the Max concurrent servers and Maximum connections per second fields as explained in Section 15.9 “Enabling or Editing an Extended Internet Service”. |
9. | To limit the addresses from which clients can connect or the times at which connections are allowed, set the fields under Service access control as explained in the list above. |
10. | |
11. | Click the Apply Changes button to make the service active. |
Once a service has been created, you can test it by running telnet localhost portnumber at the shell prompt on your system. You can edit or delete your service at any time by following the instructions in Section 15.9 “Enabling or Editing an Extended Internet Service”.
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.