This file is indexed.

/usr/share/doc/ipsvd/examples.html is in ipsvd 1.0.0-3.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>
<head>
<title>ipsvd - examples</title>
</head>
<body>
<a href="http://smarden.org/pape/">G. Pape</a><br>
<a href="index.html">ipsvd</a><br>
<hr>
<h1>ipsvd - examples</h1>
<hr>
<a href="#tcp">TCP/IP services</a><br>
<a href="#udp">UDP/IP services</a><br>
<a href="#instruct"><i>ipsvd</i> instructions</a><br>
<hr>
<h3><a name="tcp">TCP/IP service examples</a></h3>
This <tt>run</tt> script provides an <i>identd</i> service on
<tt>0.0.0.0:113</tt>
<pre>
 #!/bin/sh
 exec tcpsvd -l0 0 113 identd
</pre>
This <tt>run</tt> script provides a
<a href="http://untroubled.org/mailfront/">smtpfront-qmail</a> service on
<tt>192.168.2.1:25</tt>, with per-host instructions through the constant
database <tt>./peers.cdb</tt>.
<pre>
 #!/bin/sh
 exec 2&gt;&amp;1
 MAXSMTPD="`cat /var/qmail/control/concurrencyincoming`"
 exec softlimit -m2000000 \
   env SMTPGREETING=smarden.org \
       MAILRULES=/etc/mailfront/smtp/mailrules \
   tcpsvd -vp -uqmaild -c"$MAXSMTPD" -x./peers.cdb 192.168.2.1 25 \
     smtpfront-qmail
</pre>
This <tt>run</tt> script provides a
<a href="http://www.bincimap.org/">bincimaps</a> service on
<tt>10.0.0.14:993</tt>, with per-host concurrency limit, and with per-host
instructions through the directory <tt>./peers</tt>.
<pre>
 #!/bin/sh
 exec 2&gt;&amp;1
 exec tcpsvd -vvp -c40 -C10 -l0 -i./peers 10.0.0.14 993 \
   bincimap-up --logtype=multilog --conf=/etc/bincimap/bincimap.conf --ssl -- \
     /usr/bin/checkpw /usr/sbin/bincimapd
</pre>
This <tt>run</tt> script provides a
<a href="http://www.bincimap.org/">bincimaps</a> service on
<tt>10.0.0.14:993</tt>, but using the <a href="sslio.8.html">sslio</a>
program, and so the <a href="http://www.matrixssl.org/">matrixssl</a>
library, instead of <tt>bincimap</tt>'s builtin <tt>OpenSSL</tt> support.
<pre>
 #!/bin/sh
 exec 2&gt;&amp;1
 exec tcpsvd -v -c40 -l0 10.0.0.14 993 \
   sslio -vv -C/imapd.pem -unobody -//etc/bincimap/bincimaps/jail \
     bincimap-up --conf=/etc/bincimap/bincimap.conf -a -- \
       /usr/bin/checkpw /usr/sbin/bincimapd
</pre>
This <tt>run</tt> script provides a
<a href="http://www.qmail.org/">qmail-smtpd</a> service on
<tt>192.168.14.6:25</tt>, with per-host concurrency limit, and with per-host
instructions through the directory <tt>./peers</tt>.
<pre>
 #!/bin/sh
 exec 2&gt;&amp;1
 exec softlimit -m2000000 \
  tcpsvd -vvh -i./peers -uqmaild \
    -c40 -C'10:421 per host concurrency limit reached\r\n' \
      192.168.14.6 25 qmail-smtpd
</pre>
This <tt>run</tt> script provides a
<a href="http://www.fefe.de/fnord/">fnord</a> <tt>https</tt> service on
<tt>10.0.5.4</tt>.
<pre>
 #!/bin/sh
 exec 2&gt;&amp;1
 cd /public/10.0.5.4
 exec chpst -m300000 -Uwwwuser tcpsvd -v 10.0.5.4 443 \
   sslio -v -unobody -//etc/fnord/jail -C./cert.pem fnord
</pre>
<hr>
<h3><a name="udp">UDP/IP service examples</a></h3>
This <tt>run</tt> script provides a <i>talkd</i> service on
<tt>192.168.1.1:517</tt>
<pre>
 #!/bin/sh
 exec udpsvd -unobody:tty 192.168.1.1 517 in.talkd
</pre>
This <tt>run</tt> script provides a <i>tftpd</i> service on
<tt>0.0.0.0:69</tt> with per-IP-address instructions through the directory
<tt>/etc/tftpd/peers</tt>
<pre>
 #!/bin/sh
 cd /
 exec 2&gt;&amp;1
 exec udpsvd -v -lbootserver -unobody -i/etc/tftpd/peers 0 69 \
   in.tftpd -s /boot/tftpboot/
</pre>
<hr>
<h3><a name="instruct"><i>ipsvd</i> instruction examples</a></h3>
This <tt>run</tt> script provides a <i>telnetd</i> TCP/IP service, with
per-IP-address <a href="ipsvd-instruct.5.html">instructions</a> through the
directory <tt>./peers</tt>
<pre>
 #!/bin/sh
 exec tcpsvd -i./peers 0.0.0.0 23 in.telnetd
</pre>
Per default any client IP address is allowed to connect to this service.
To allow connections from <tt>192.168.1.17</tt>, and to deny connections
from anywhere else, do
<pre>
 # touch ./peers/192.168.1.17; chmod 644 ./peers/192.168.1.17
 # touch ./peers/0; chmod 0 ./peers/0
</pre>
To allow connections from <tt>192.168.3.0-255</tt>, do
<pre>
 # touch ./peers/192.168.3; chmod 644 ./peers/192.168.3
</pre>
To deny connections from <tt>10.0.*.*</tt> explicitly, do
<pre>
 # touch ./peers/10.0; chmod 0 ./peers/10.0
</pre>
To have <tt>TRUST=true</tt> set in the environment when running
<i>in.telnetd</i> for a connection from <tt>192.168.14.2</tt>, do
<pre>
 # echo '+TRUST=true' >./peers/192.168.14.2; chmod 644 ./peers/192.168.14.2
</pre>
To provide a <i>sshd</i> login for connections from <tt>10.2.0.14</tt> on
port 23,
and the usual <i>telnetd</i> service for all others, do
<pre>
 # echo 'sshd -i' >./peers/10.2.0.14; chmod 744 ./peers/10.2.0.14
</pre>
To allow only connections from IP addresses the (dynamic) hostnames
<tt>floyd.dyn.smarden.org</tt> and <tt>greg.dyn.smarden.org</tt> currently
resolve to, do
<pre>
 # echo '=floyd.dyn.smarden.org' &gt;./peers/0
 # echo '=greg.dyn.smarden.org' &gt;&gt;./peers/0
 # chmod 644 ./peers/0
</pre>
See <a href="ipsvd-instruct.5.html">ipsvd instructions</a> for details.
<hr>
<address><a href="mailto:pape@smarden.org">
Gerrit Pape &lt;pape@smarden.org&gt;
</a></address>
</body>
</html>