Re: Is inetd a proxy server?
At 11:12 AM 2/22/2004, Matthew Seaman wrote: A proxy listens to all of your request, and then opens up a second connection to the real server (or another proxy) for you and replays your request to it -- so all of the traffic is relayed through the proxy. Newbie here Matthew. Could you please explain how a proxy differs from a router? Or are they in many ways intersecting in their functionality? e.g. I've got a class c network in my office and recently learned how to use apache to reverse proxy a request so that http://my-ip-adr/fbsd becomes the same as http://fbsd, where the latter is mapped to the ip addr for my fbsd box on the lan by apache. (which btw is kind of cool) The point of having inetd(8) is that it provides is a mechanism so that you don't have to have umpty-dozen different small servers running all of the time and taking up your process space. I notice that mingetty runs ~ half a dozen instances on my box, waiting for console users that will never come since as a rule I do everything thru ssh on my windows workstation. And httpd, though I've cut the child process spec down on the apache conf since it's not needed. Of course the saved cycles aren't needed either in my current environment. :) Could httpd be set up to run via inetd instead of on its own? If so, is it not typically done this way because it is usually the biggie app on servers? Following that reasoning, if a server were primarily used for ftp would it make sense to remove ftpd from inetd's conf file and instead start it as a service, assuming that were possible? Marty Landman Face 2 Interface Inc 845-679-9387 This Month's New Quiz --- Past Superbowl Winners Make a Website: http://face2interface.com/Home/Demo.shtml ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Is inetd a proxy server?
On Sun, Feb 22, 2004 at 11:58:10AM -0500, Marty Landman wrote: At 11:12 AM 2/22/2004, Matthew Seaman wrote: A proxy listens to all of your request, and then opens up a second connection to the real server (or another proxy) for you and replays your request to it -- so all of the traffic is relayed through the proxy. Newbie here Matthew. Could you please explain how a proxy differs from a router? Or are they in many ways intersecting in their functionality? e.g. I've got a class c network in my office and recently learned how to use apache to reverse proxy a request so that http://my-ip-adr/fbsd becomes the same as http://fbsd, where the latter is mapped to the ip addr for my fbsd box on the lan by apache. (which btw is kind of cool) Sure. A router deals with network traffic at the IP level -- sometimes described as Layer 3 on the OSI 7 layer model. In plain English, the router doesn't care what's inside the packets: it just looks at the IP numbers in the headers and relays the packets appropriately. A router will work for all sorts of traffic -- HTTP, FTP, SSH, SMTP, whatever (unless you've deliberately added a packet filter) -- unlike a proxy, which works at the protocol level: thus you'll get an HTTP proxy or a FTP proxy or a SMTP relay or a DNS recursive server -- the names vary, but they all do proxy service. It's also common for proxies to cache previous traffic and reply out of cache instead of going all the way back to the originating server, but that's not a requirement. Sometimes the software used to implement a proxy is actually identical to the software you'ld use to implement the originating server -- as commonly seen with most MTAs and BIND and occasionally Apache HTTPD as you've done -- although specialised proxying software is more generally used for HTTP and FTP and the like. The point of having inetd(8) is that it provides is a mechanism so that you don't have to have umpty-dozen different small servers running all of the time and taking up your process space. I notice that mingetty runs ~ half a dozen instances on my box, waiting for console users that will never come since as a rule I do everything thru ssh on my windows workstation. And httpd, though I've cut the child process spec down on the apache conf since it's not needed. Of course the saved cycles aren't needed either in my current environment. :) getty(8) is pretty light weight, and it doesn't take much extra memory to run multiple copies of it. It's also the case that while you may not need to log in via the console during normal usage, when you do need console access then you generally need it very badly. Could httpd be set up to run via inetd instead of on its own? If so, is it not typically done this way because it is usually the biggie app on servers? Following that reasoning, if a server were primarily used for ftp would it make sense to remove ftpd from inetd's conf file and instead start it as a service, assuming that were possible? You can run apache 1.3.x through inetd -- see the 'ServerType' directive in httpd.conf: http://httpd.apache.org/docs/mod/core.html#servertype As it says in bright red letters: Inetd mode is no longer recommended and does not always work properly. Avoid it if at all possible. ServerType no longer exists in apache 2.0.x. If you are running a busy FTP site, then yes, running a standalone FTP daemon would be a good idea. However, the server side configuration for most FTP daemons is a lot simpler than for Apache, so it's feasible to run ftpd out of inetd for much higher traffic than it would be for apache. Another common server where there's an option of running under inetd is Samba -- however I think the trend nowadays is to assume that the Samba daemons will run standalone. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Is inetd a proxy server?
At 01:26 PM 2/22/2004, Matthew Seaman wrote: getty(8) is pretty light weight, and it doesn't take much extra memory to run multiple copies of it. It's also the case that while you may not need to log in via the console during normal usage, when you do need console access then you generally need it very badly. Fine if fbsd wants a dozen copies running. In fact since I don't have X installed would just as soon have all 12 pf keys mapped to cli consoles for if/when am sitting at the console. My issue is one of UI, especially for top. It would be nicer imo if those 1/2 doz getty processes were to display on one line somehow... maybe indicating the number running and a way for me to expand them if needed [which is essentially never which is my point]. So something like getty, necessary and there for the appropriate reason, i.e. it displays on top because it should, nonetheless is a light weight, in my case rarely used process that ends up consuming 1/3 or so of the screen real estate. You can run apache 1.3.x through inetd -- see the 'ServerType' directive in httpd.conf: http://httpd.apache.org/docs/mod/core.html#servertype As it says in bright red letters: Inetd mode is no longer recommended and does not always work properly. Avoid it if at all possible. In that case... ServerType no longer exists in apache 2.0.x. Doesn't bother me, I migrated backwards to apache 1.3.x on 3/4 servers because it seems the more common version, at least for Unix. My windows gateway runs apache 2.0 because it's pretty much restricted to being a documentation repository for faqs, manuals, and the like. I guess it's something I might try if I found out it was still in common and accepted commercial use, which from what you've said does not sound likely or at least wise. Marty Landman Face 2 Interface Inc 845-679-9387 This Month's New Quiz --- Past Superbowl Winners Make a Website: http://face2interface.com/Home/Demo.shtml ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Is inetd a proxy server?
On Sun, 22 Feb 2004 17:19:05 -0500 Marty Landman [EMAIL PROTECTED] wrote: My issue is one of UI, especially for top. It would be nicer imo if those 1/2 doz getty processes were to display on one line somehow... maybe indicating the number running and a way for me to expand them if needed [which is essentially never which is my point]. So something like getty, necessary and there for the appropriate reason, i.e. it displays on top because it should, nonetheless is a light weight, in my case rarely used process that ends up consuming 1/3 or so of the screen real estate. It shouldn't be too hard to modify top to collapse processes with the same name into a single line. Possibly more effort than it's worth for what you want, though. Have you tried pressing the 'i' key when top is running? It toggles the display of idle processes. (getty is generally idle.) This can save a lot of screen real estate. -Chris ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Is inetd a proxy server?
At 05:41 PM 2/22/2004, Chris Pressey wrote: Have you tried pressing the 'i' key when top is running? It toggles the display of idle processes. (getty is generally idle.) This can save a lot of screen real estate. Thanks Chris, that's perfect. I gotta learn not to post before rereading the help page. Marty Landman Face 2 Interface Inc 845-679-9387 This Month's New Quiz --- Past Superbowl Winners Make a Website: http://face2interface.com/Home/Demo.shtml ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]