protocol failure in circuit setup Post: 302319285

Sponsored Content

Top Forums UNIX for Advanced & Expert Users protocol failure in circuit setup Post 302319285 by peterr on Monday 25th of May 2009 01:21:24 AM

05-25-2009

Registered User

inetd does rate-limiting. By default it stops at 40 connections per minute and then "punishes" you with 10 minutes of not listening anymore.

In /etc/inetd.conf, try this:

shell stream tcp nowait.1000 root /usr/sbin/tcpd in.rshd -L

Instead of this:

shell stream tcp nowait root /usr/sbin/tcpd in.rshd -L

For xinetd, there are more options (and more explicit):

cps

Limits the rate of incoming connections. Takes two arguments. The first argument is the number of connections per second to handle. If the rate of incoming connections is higher than this, the service will be temporarily disabled. The second argument is the number of seconds to wait before re-enabling the service after it has been disabled. The default for this setting is 50 incoming connections and the interval is 10 seconds.

max_load

Takes a floating point value as the load at which the service will stop accepting connections. For example: 2 or 2.5. The service will stop accepting connections at this load. This is the one minute load average. This is an OS dependent feature, and currently only Linux, Solaris, and FreeBSD are supported for this. This feature is only avaliable if xinetd was configured with the -with-load-avg option.

peterr

View Public Profile for peterr

Find all posts by peterr

6 More Discussions You Might Find Interesting

1. AIX

NIM server setup on etherchannel setup environment

I know that IBM's official stance is that NIM does not work on etherchannel environment, but has anyone able to get around it? I'm working on a p5-590 LPAR system, and the NIM master and clients are all on the same frame. Any help is appreciated.

2. Homework & Coursework Questions

USB Circuit Question

My problem is I need to control a 7 segment LED circuit (currently on a breadboard, eventually on a PCB). The only option I have from my PC is through USB. The circuit I have built on a breadboard uses 7 segment LED's and 4206 decade counters. I have cut a USB cable in half, and am using the...

3. UNIX for Dummies Questions & Answers

boot up failure unix sco after power failure

hi power went out. next day unix sco wont boot up error code 303. any help appreciated as we are clueless.

4. Shell Programming and Scripting

Short circuit if

Hello everyone, just wondering if this type of if condition will execute properly. Suppose I have a script with two functions in it called abc and def: is this code valid, or is there a better way to short circuit the if statement? #! /bin/ksh93 abc(){ statement 1 using $1 statement 2...

5. UNIX and Linux Applications

UNIX Circuit Design System

Hi all. In some articles I have read about a "UNIX Circuit Design System", which was written originally in some version of Research UNIX by Sandy Fraser. Here is a quote from the article "A Research UNIX Reader: Annotated Excerpts from the Programmer's Manual", by Douglas McIlroy: Even...

6. Answers to Frequently Asked Questions

Running Turbo-cad and circuit wizard programmes.

Hi. i am new to Linux. i have a Turbo-cad and circuit wizard programme on CD that I want to install and run. I keep getting the message I do not have an auto-run programme. Do I need to install specific drivers for this? What programme do I need?

LEARN ABOUT DEBIAN

in.rshd

RSHD(8) 						    BSD System Manager's Manual 						   RSHD(8)

NAME

     rshd -- remote shell server

SYNOPSIS

     rshd [-aiklnvxPL] [-p port]

DESCRIPTION

     rshd is the server for the rsh(1) program. It provides an authenticated remote command execution service.	Supported options are:

     -n, --no-keepalive
	     Disables keep-alive messages.  Keep-alives are packets sent at certain intervals to make sure that the client is still there, even
	     when it doesn't send any data.

     -k, --kerberos
	     Assume that clients connecting to this server will use some form of Kerberos authentication. See the EXAMPLES section for a sample
	     inetd.conf(5) configuration.

     -x, --encrypt
	     For Kerberos 4 this means that the connections are encrypted. Kerberos 5 can negotiate encryption even without this option, but if
	     it's present rshd will deny unencrypted connections. This option implies -k.

     -v, --vacuous
	     If the connecting client does not use any Kerberised authentication, print a message that complains about this fact, and exit. This
	     is helpful if you want to move away from old port-based authentication.

     -P      When using the AFS filesystem, users' authentication tokens are put in something called a PAG (Process Authentication Group). Multi-
	     ple processes can share a PAG, but normally each login session has its own PAG. This option disables the setpag() call, so all tokens
	     will be put in the default (uid-based) PAG, making it possible to share tokens between sessions. This is only useful in peculiar
	     environments, such as some batch systems.

     -i, --no-inetd
	     The -i option will cause rshd to create a socket, instead of assuming that its stdin came from inetd(8).  This is mostly useful for
	     debugging.

     -p port, --port=port
	     Port to use with -i.

     -a      This flag is for backwards compatibility only.

     -L      This flag enables logging of connections to syslogd(8).  This option is always on in this implementation.

FILES

     /etc/hosts.equiv
     ~/.rhosts

EXAMPLES

     The following can be used to enable Kerberised rsh in inetd.cond(5), while disabling non-Kerberised connections:

     shell   stream  tcp  nowait  root	/usr/libexec/rshd  rshd -v
     kshell  stream  tcp  nowait  root	/usr/libexec/rshd  rshd -k
     ekshell stream  tcp  nowait  root	/usr/libexec/rshd  rshd -kx

SEE ALSO

     rsh(1), iruserok(3)

HISTORY

     The rshd command appeared in 4.2BSD.

AUTHORS

     This implementation of rshd was written as part of the Heimdal Kerberos 5 implementation.

HEIMDAL 
							 November 22, 2002							   HEIMDAL