Re: Is inetd a proxy server?

2004-02-22 Thread Marty Landman
At 11:12 AM 2/22/2004, Matthew Seaman wrote:

A proxy listens to all of your request, and then opens up a second 
connection to the real server (or another
proxy) for you and replays your request to it -- so all of the traffic is 
relayed through the proxy.
Newbie here Matthew. Could you please explain how a proxy differs from a 
router? Or are they in many ways intersecting in their functionality? e.g. 
I've got a class c network in my office and recently learned how to use 
apache to reverse proxy a request so that http://my-ip-adr/fbsd becomes the 
same as http://fbsd, where the latter is mapped to the ip addr for my fbsd 
box on the lan by apache. (which btw is kind of cool)

The point of having inetd(8) is that it provides is a mechanism so that 
you don't have to have umpty-dozen different small servers running all of 
the time and taking up your process space.
I notice that mingetty runs ~ half a dozen instances on my box, waiting for 
console users that will never come since as a rule I do everything thru ssh 
on my windows workstation. And httpd, though I've cut the child process 
spec down on the apache conf since it's not needed. Of course the saved 
cycles aren't needed either in my current environment. :)

Could httpd be set up to run via inetd instead of on its own? If so, is it 
not typically done this way because it is usually the biggie app on 
servers? Following that reasoning, if a server were primarily used for ftp 
would it make sense to remove ftpd from inetd's conf file and instead start 
it as a service, assuming that were possible?

Marty Landman   Face 2 Interface Inc 845-679-9387
This Month's New Quiz --- Past Superbowl Winners
Make a Website: http://face2interface.com/Home/Demo.shtml
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]


Re: Is inetd a proxy server?

2004-02-22 Thread Matthew Seaman
On Sun, Feb 22, 2004 at 11:58:10AM -0500, Marty Landman wrote:
 At 11:12 AM 2/22/2004, Matthew Seaman wrote:
 
 A proxy listens to all of your request, and then opens up a second 
 connection to the real server (or another
 proxy) for you and replays your request to it -- so all of the traffic is 
 relayed through the proxy.
 
 Newbie here Matthew. Could you please explain how a proxy differs from a 
 router? Or are they in many ways intersecting in their functionality? e.g. 
 I've got a class c network in my office and recently learned how to use 
 apache to reverse proxy a request so that http://my-ip-adr/fbsd becomes the 
 same as http://fbsd, where the latter is mapped to the ip addr for my fbsd 
 box on the lan by apache. (which btw is kind of cool)

Sure.  A router deals with network traffic at the IP level --
sometimes described as Layer 3 on the OSI 7 layer model.  In plain
English, the router doesn't care what's inside the packets: it just
looks at the IP numbers in the headers and relays the packets
appropriately.  A router will work for all sorts of traffic -- HTTP,
FTP, SSH, SMTP, whatever (unless you've deliberately added a packet
filter) -- unlike a proxy, which works at the protocol level: thus
you'll get an HTTP proxy or a FTP proxy or a SMTP relay or a DNS
recursive server -- the names vary, but they all do proxy service.
It's also common for proxies to cache previous traffic and reply out
of cache instead of going all the way back to the originating server,
but that's not a requirement.  Sometimes the software used to
implement a proxy is actually identical to the software you'ld use to
implement the originating server -- as commonly seen with most MTAs
and BIND and occasionally Apache HTTPD as you've done -- although
specialised proxying software is more generally used for HTTP and FTP
and the like.
 
 The point of having inetd(8) is that it provides is a mechanism so that 
 you don't have to have umpty-dozen different small servers running all of 
 the time and taking up your process space.
 
 I notice that mingetty runs ~ half a dozen instances on my box, waiting for 
 console users that will never come since as a rule I do everything thru ssh 
 on my windows workstation. And httpd, though I've cut the child process 
 spec down on the apache conf since it's not needed. Of course the saved 
 cycles aren't needed either in my current environment. :)

getty(8) is pretty light weight, and it doesn't take much extra memory
to run multiple copies of it.  It's also the case that while you may
not need to log in via the console during normal usage, when you do
need console access then you generally need it very badly.  
 
 Could httpd be set up to run via inetd instead of on its own? If so, is it 
 not typically done this way because it is usually the biggie app on 
 servers? Following that reasoning, if a server were primarily used for ftp 
 would it make sense to remove ftpd from inetd's conf file and instead start 
 it as a service, assuming that were possible?

You can run apache 1.3.x through inetd -- see the 'ServerType'
directive in httpd.conf:

http://httpd.apache.org/docs/mod/core.html#servertype

As it says in bright red letters: Inetd mode is no longer recommended
and does not always work properly. Avoid it if at all possible.
ServerType no longer exists in apache 2.0.x.

If you are running a busy FTP site, then yes, running a standalone FTP
daemon would be a good idea.  However, the server side configuration
for most FTP daemons is a lot simpler than for Apache, so it's
feasible to run ftpd out of inetd for much higher traffic than it
would be for apache.  Another common server where there's an option of
running under inetd is Samba -- however I think the trend nowadays is
to assume that the Samba daemons will run standalone.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.   26 The Paddocks
  Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614  Bucks., SL7 1TH UK


pgp0.pgp
Description: PGP signature


Re: Is inetd a proxy server?

2004-02-22 Thread Marty Landman
At 01:26 PM 2/22/2004, Matthew Seaman wrote:

getty(8) is pretty light weight, and it doesn't take much extra memory to 
run multiple copies of it.  It's also the case that while you may not need 
to log in via the console during normal usage, when you do need console 
access then you generally need it very badly.
Fine if fbsd wants a dozen copies running. In fact since I don't have X 
installed would just as soon have all 12 pf keys mapped to cli consoles for 
if/when am sitting at the console.

My issue is one of UI, especially for top. It would be nicer imo if those 
1/2 doz getty processes were to display on one line somehow... maybe 
indicating the number running and a way for me to expand them if needed 
[which is essentially never which is my point]. So something like getty, 
necessary and there for the appropriate reason, i.e. it displays on top 
because it should, nonetheless is a light weight, in my case rarely used 
process that ends up consuming 1/3 or so of the screen real estate.

You can run apache 1.3.x through inetd -- see the 'ServerType' directive 
in httpd.conf:

http://httpd.apache.org/docs/mod/core.html#servertype

As it says in bright red letters: Inetd mode is no longer recommended and 
does not always work properly. Avoid it if at all possible.
In that case...

ServerType no longer exists in apache 2.0.x.
Doesn't bother me, I migrated backwards to apache 1.3.x on 3/4 servers 
because it seems the more common version, at least for Unix. My windows 
gateway runs apache 2.0 because it's pretty much restricted to being a 
documentation repository for faqs, manuals, and the like.

I guess it's something I might try if I found out it was still in common 
and accepted commercial use, which from what you've said does not sound 
likely or at least wise.

Marty Landman   Face 2 Interface Inc 845-679-9387
This Month's New Quiz --- Past Superbowl Winners
Make a Website: http://face2interface.com/Home/Demo.shtml
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]


Re: Is inetd a proxy server?

2004-02-22 Thread Chris Pressey
On Sun, 22 Feb 2004 17:19:05 -0500
Marty Landman [EMAIL PROTECTED] wrote:

 My issue is one of UI, especially for top. It would be nicer imo if
 those 1/2 doz getty processes were to display on one line somehow...
 maybe indicating the number running and a way for me to expand them if
 needed [which is essentially never which is my point]. So something
 like getty, necessary and there for the appropriate reason, i.e. it
 displays on top because it should, nonetheless is a light weight, in
 my case rarely used process that ends up consuming 1/3 or so of the
 screen real estate.

It shouldn't be too hard to modify top to collapse processes with the
same name into a single line.  Possibly more effort than it's worth for
what you want, though.  Have you tried pressing the 'i' key when top is
running?  It toggles the display of idle processes.  (getty is generally
idle.)  This can save a lot of screen real estate.

-Chris
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]


Re: Is inetd a proxy server?

2004-02-22 Thread Marty Landman
At 05:41 PM 2/22/2004, Chris Pressey wrote:

Have you tried pressing the 'i' key when top is running?  It toggles the 
display of idle processes.  (getty is generally
idle.)  This can save a lot of screen real estate.
Thanks Chris, that's perfect. I gotta learn not to post before rereading 
the help page.

Marty Landman   Face 2 Interface Inc 845-679-9387
This Month's New Quiz --- Past Superbowl Winners
Make a Website: http://face2interface.com/Home/Demo.shtml
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]