From: pen@lysator.liu.se (Peter Eriksson)
Subject: Re: RFC931 and net additions to procfs
Date: Thu, 4 Feb 1993 15:39:58 GMT

mbeattie@black.ox.ac.uk (Malcolm Beattie) writes:
...
>It was I who wrote the `MB>' stuff. I suppose the best way
>to deal with RFC931 requests is to respond to them. For those
>unfamiliar with RFC931, it is a protocol for a server that

Actually, RFC931 has been superseded by the new RFC1413.
(Which is upwardly compatible with RFC931).
...
>linux box used port 4567. The server sends back something like
>4567, 23 : USERID : UNIX-PC : fred (*)

Actually, I think the correct response should be just "UNIX", not
"UNIX-PC" since Linux is (or wants to be) Posix compatible..

>The standard server uses `netstat' to do its dirty work
>digging around for lists of tcp connections and port numbers
>and cuts out the username from the appropriate line.

There are two "standard" servers, Dan Bernstein's "authd" and my
"pidentd". (The reason for the quotation marks around "standard"
is that there really aren't any officially sanctioned servers).
Dan's "authd" uses "netstat" and is because of that rather slow.
My "pidentd" does the dirty work needed to read the kernel memory
directly (via /dev/kmem). Neither of them will work right away
on Linux.

>Rather than port netstat to linux (maybe it has already been
>done), it might be nice to extend the proc filesystem to have
>entries corresponding to network connections rather like it
>has for ordinary file descriptors. Comments, anyone?

I have been thinking about that, but have been unable to allocate
the time to implement it. Another way to do it would be to
create a new kernel function call 'getsockowner()' to get the
information needed (process and uid/euid/gid/egid numbers).

I think the 'getsockowner()' way is easier to implement, but the
"proc"-fs-way would be nicer. Actually what I've been thinking of
doing is a more general thing, something I call the "netfs". That way
one could do:

    foo% ls /net/ip/tcp

to see active connections. And even perhaps do:

    foo% kermit -l /net/ip/tcp/130.236.254.150:2000

to start up kermit with a Telnet link to NannyMUD :-)

If one does "int fd = open("/net/ip/tcp")" then that would be the
equivalent of "int fd = socket(AF_INET, SOCK_STREAM, 0)".

Anyway, I haven't written any of this stuff yet and don't hold your
breath waiting for it - implement it yourself! :-)

Btw, is there anybody else but me who is annoyed that the directory
in the Linux sources that contains the IP network code is called "tcp"
instead of "ip"? I mean, "/usr/src/linux/net/tcp/udp.c" is a really bogus
name... (UDP over TCP? What's that? UDP runs over IP... as does TCP. :-)

If people don't want to wait for someone to create an IDENT (the new
name of the protocol as per RFC1413) server then you could just add the
following to your system in the meanwhile:

Edit "services" to contain the line:

    "ident 113/tcp auth tap # TCP Identification Service"

Then edit "inetd.conf" to contain the line:

    "ident stream tcp nowait root /bin/cat cat /etc/ident.reply"

Then edit the file "/etc/ident.reply" to contain the line:

    "0 , 0 : ERROR : UNKNOWN-ERROR"

And that is all you need to do to create an IDENT-compliant IDENT server.
(Which doesn't do much good except for at least replying with a valid
response).

You can find IDENT/RFC1413 servers/libraries/documentation at
"ftp.lysator.liu.se:pub/ident" or "ftp.uu.net:pub/networking/ident".
/Peter
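
Added example (not part of the original post, and not code from pidentd or authd): a strict client-side parser for the two reply forms quoted above, which treats the reply as untrusted input from the remote host. The function names, the sample byte strings and the choices marked in comments are assumptions of this example.

```python
import re

KNOWN_ERRORS = {"INVALID-PORT", "NO-USER", "HIDDEN-USER", "UNKNOWN-ERROR"}
MAX_LINE, MAX_USERID = 1000, 512  # size limits taken from RFC 1413
PORTS = re.compile(rb"[ \t]*(\d{1,5})[ \t]*,[ \t]*(\d{1,5})[ \t]*")

def parse_ident_reply(raw: bytes) -> dict:
    """Parse one IDENT reply line; raise ValueError if it is malformed."""
    line = raw[:-2] if raw.endswith(b"\r\n") else raw.rstrip(b"\n")
    if len(line) > MAX_LINE or re.search(rb"[\0\r\n]", line):
        raise ValueError("oversized line or embedded NUL/CR/LF")
    parts = line.split(b":", 3)  # a user-id may itself contain colons
    m = PORTS.fullmatch(parts[0])
    if len(parts) < 3 or not m:
        raise ValueError("bad field count or port pair")
    local, foreign = int(m.group(1)), int(m.group(2))
    if max(local, foreign) > 65535:  # 0 is tolerated so the stub reply parses
        raise ValueError("port out of range")
    kind = parts[1].strip().decode("ascii", "replace")
    reply = {"local": local, "foreign": foreign, "type": kind}
    if kind == "ERROR" and len(parts) == 3:
        err = parts[2].strip().decode("ascii", "replace")
        if err not in KNOWN_ERRORS and not err.startswith("X"):
            raise ValueError("unknown error token")
        reply["error"] = err
    elif kind == "USERID" and len(parts) == 4:
        if len(parts[3]) > MAX_USERID:
            raise ValueError("user-id too long")
        reply["opsys"] = parts[2].split(b",")[0].strip().decode("ascii", "replace")
        reply["userid"] = parts[3].strip()  # example's choice: trim; keep as bytes
    else:
        raise ValueError("unknown reply type or field count")
    return reply

def matches_query(reply: dict, local: int, foreign: int) -> bool:
    """True only if the reply repeats the port pair that was asked about."""
    return (reply["local"], reply["foreign"]) == (local, foreign)

def log_safe(userid: bytes) -> str:
    """Render a user-id for logs with non-printable bytes and backslashes escaped."""
    return "".join(chr(b) if 0x20 <= b < 0x7F and b != 0x5C else f"\\x{b:02x}" for b in userid)

# Constructed samples: the two reply lines quoted in the post above.
SAMPLE_USERID = b"4567, 23 : USERID : UNIX-PC : fred\r\n"
SAMPLE_STUB = b"0 , 0 : ERROR : UNKNOWN-ERROR\n"

if __name__ == "__main__":
    for sample in (SAMPLE_USERID, SAMPLE_STUB):
        print(parse_ident_reply(sample))
```

The static /bin/cat reply parses as a well-formed ERROR line, but matches_query() is false for it against any real query, which is how a client can tell it from a server that actually looked up the connection.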