This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.
Subject: xinetd-2.1.8.8pre11-1 From: Ryan Weaver <ryanw@infohwy.com> Date: Thu, 3 Feb 2000 13:43:31 -0600 xinetd-2.1.8.8pre11-1.src.rpm 277593 xinetd-2.1.8.8pre11-1rh52.i386.rpm 113129 xinetd-2.1.8.8pre11-1rh61.i386.rpm 117274 xinetd-devel-2.1.8.8pre11-1rh52.i386.rpm 89107 xinetd-devel-2.1.8.8pre11-1rh61.i386.rpm 98725 Download locations and build machine information listed below. RPMs are built with rpm version 3.0.3. Required programs listed are either updates or are not in the default RedHat 6.1 installation. Name : xinetd Relocations: (not relocateable) Version : 2.1.8.8pre11 Vendor: Rob Braun <bbraun@synack.net> Release : 1 Build Date: Thu 03 Feb 2000 01:28:12 PM CST Install date: Thu 03 Feb 2000 01:29:44 PM CST Build Host: hellstone.infohwy.com Group : System Environment/Daemons Source RPM: xinetd-2.1.8.8pre11-1.src.rpm Size : 253770 License: BSD Distribution: Freshmeat RPMs Packager : Ryan Weaver <ryanw@infohwy.com> URL : http://synack.net/xinetd Summary : xinetd is a powerful replacement for inetd. Description : xinetd is a powerful replacement for inetd. xinetd has access control machanisms, extensive logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, among other things. xinetd has the ability to redirect TCP streams to a remote host and port. This is useful for those of that use ip masquerading, or NAT, and want to be able to reach your internal hosts. xinetd also has the ability to bind specific services to specific interfaces. This is useful when you want to make services available for your internal network, but not the rest of the world. Or to have a different service running on the same port, but different interfaces. Built with the following configure option(s). --prefix=/usr, --with-libwrap Requires: -------------------------------------------------------------------- Standard Red Hat 6.1 installation -------------------------------------------------------------------- Name : xinetd-devel Relocations: (not relocateable) Version : 2.1.8.8pre11 Vendor: Rob Braun <bbraun@synack.net> Release : 1 Build Date: Thu 03 Feb 2000 01:28:12 PM CST Install date: Thu 03 Feb 2000 01:29:44 PM CST Build Host: hellstone.infohwy.com Group : Development/Libraries Source RPM: xinetd-2.1.8.8pre11-1.src.rpm Size : 308337 License: BSD Distribution: Freshmeat RPMs Packager : Ryan Weaver <ryanw@infohwy.com> URL : http://synack.net/xinetd Summary : Static libraries and header files for xinetd Description : The static libraries and header files for xinetd. Requires: -------------------------------------------------------------------- Package Distribution (Or Url) ==================================================================== xinetd-2.1.8.8pre11-1 Freshmeat RPMs -------------------------------------------------------------------- %CHANGELOG * Thu Feb 03 2000 Ryan Weaver <ryanw@infohwy.com> [xinetd-2.1.8.8pre11-1] - Always calls no_control_tty(). This then calls setsid(), which fixes some problems on FreeBSD. * Tue Feb 01 2000 Ryan Weaver <ryanw@infohwy.com> [xinetd-2.1.8.8pre10-1] - Fixed a problem with the banner_fail parser. - Added IPv6 support to xinetd. - Added the option "cps". This allows you to disable a service if - Made the options mask_t an unsigned long long (64bits on x86) instead of an unsigned. - Added the option "enabled", similar to the "disabled" function. - Changed the behavior of only_from and no_access. First, if you - Added the ability to specify .domain.com to the access control options. - The enable function didn't work. It worked for one entry, but limits.h is included in parsers.c now, because of LONG_MIN and LONG_MAX. - Added a check for sys_siglist in the configuration script. This - Fixed numeric addresses being entered in the only_from field. - Fixed year formatting in log to print 00 instead of 100. - Fixed the TIMEOFFSET macro in builtins.c so the 'time' service printed the correct output. - Fixed a problem where banners would not work saying "could not find banner: bannername<garbage here>". - The dump file was logging the ip address incorrectly for only_from addresses. - BSDI 4.1 was not compiling correctly, "inet_ntoa" not found. - Some BSD's don't let you set the group permissions of a process to NULL, so you get the setgroups(0,NULL) error whenever a connection is made. - Fixed a syntax error when compiling IPv6 support. * Wed Oct 20 1999 Ryan Weaver <ryanw@infohwy.com> [xinetd-2.1.8.7-1] - Fixed per_source to actually work properly. - Added the NODELAY flag. This will set the TCP_NODELAY sockopt on the socket. If the service is not a TCP service, then this flag has no effect. - Updated the man page with more explicit definition of the "groups" attribute. - Includes xconv.pl to replace itox. xconv.pl handles most of the inetd.conf files I've seen, including the use of tcpd, even though it is recommended that you compile with libwrap instead of using tcpd. - Includes a man page to itox donated by Norbert Veber of Debian. - Updates to configure and Makefile to better handle the configuration of install directories. Again, changes donated by Debian group. - Updates to itox to handle user.group syntax and checking on "wait". [xinetd-2.1.8.6b7-1] - Updated the make files to not require absolute paths. This will help with people having problems with the LOCATION Makefile variable. - Updated configure to compile properly with Debian's version of libwrap and glibc (look for yp_get_default_domain in nsl) - If banner directive is used, banner is printed regardless of access control. It is actually printed before access control check take place. banner_success and banner_fail are added to explicitly give a message depending on access control. - Added banner_success option. This is a banner that is printed when access to the service is granted. This is before any attempt to execute the server has been made. The service may still fail but it will not be for access control reasons. - Added banner_fail option. This is a banner that is printed when access to the service has been denied. This allows you to inform your users that they are doing something bad and they shouldn't be doing it anymore. - Added max_load option. This option allows the operator to specify the max load at which to run the service. If the machine reaches the specified max load level, connections are denied to that service. Each service can have a different max_load, and it can be listed in the default service. Linux is working, Solaris is kind of wierd. Solaris people should try it, but don't use it as a real security mechanism yet. 2.6 and 2.7 should be fine. I'm not sure about 2.5.1 and earlier. * Fri Jul 16 1999 Ryan Weaver <ryanw@infohwy.com> [xinetd-2.1.8.6b6-1] - 2.1.8.6b6 7/99: - Added ability to use names for the bind and redirect functions. They lookup the name, and use the first address it returns. They only do the lookup once. - Added "interface" as an alias to "bind" - Fixed potential bug with redirection losing data. Pointed out by Solar Designer - Fixed potential bug in the parsing of xadmin commands. Pointed out by Solar Designer - Changed default location of the dump file to /var/run/xinetd.dump configurable in config.h - Added Solar Designer's per_source feature. Allows you to limit the number of services spawned per source address. - Added Solar Designer's supplementary groups fix. * Tue Apr 20 1999 Ryan Weaver <ryanw@infohwy.com> [xinetd-2.1.8.6b5-1] - 2.1.8.6b5 4/99: - Some versions of libwrap needed allow_severity. Added it. - Changed severity to INFO from WARNING. ================================================================== RPMs are built on a Pentium II 450mhz w/98megs RAM with RedHat 6.1 plus updates from ftp://updates.redhat.com installed. These files are also available on the following sites ftp://ftp.falsehope.com/pub/xinetd ftp://ftp.tux.org/pub/sites/ftp.falsehope.com/xinetd ftp://ftp.freshmeat.net/pub/rpms/xinetd PGP Key can be found at ftp://ftp.falsehope.com/pub/Ryan_Weaver.pgp.key GPG Key can be found at ftp://ftp.falsehope.com/pub/Ryan_Weaver.gpg.key ===