Xinetd not running



  • Hi @ all,
    I want to monitor my pfsense-box with check_mk, since snmp does not give all data I want. After reading some identical posts about it, I installed the check_mk-agent. It works locally, but cannot be contacted from the LAN. Since I found no xinetd-config, I looked if xinetd ist running.
    According to
      ps ax | grep xinetd
    no xinetd-daemon is running

    In the /etc and etc/rc.d directories no start-script for xinetd can be found (by service-name). So I tried a new
    installation with
      pkg install xinetd
    This only tells me „The most recent version of packages are already installed“

    Now I tried to manually start xinetd with
      service xinetd start
    I got "Cannot 'start' xinetd. Set xinetd_enable to YES in /etc/rc.conf or use 'onestart' instead of 'start'."

    /etc/rc.conf is nearly empty and contains no xinetd-lines, so I tried
      service xinetd onestart
    but it says „Starting xinetd.“, but it is still not running (tested with ps and xin…onestop)

    Finally I found the config-script for xinetd in  /usr/local/etc/rc.d/
    it contains:

    Add the following line to /etc/rc.conf to enable xinetd:

    xinetd_enable="YES"

    but etc/rc.conf says:

    THIS FILE DOES NOTHING, DO NOT MAKE CONFIG CHANGES HERE

    So, what can I do to get xinetd running and where will I find the config-file to open the port for check_mk???

    Thanks in advance and best wishes from frozen Austria,
    Karl



  • Hi,

    What is your pfSense version ?

    Btw :

    [2.4.2-RELEASE][admin@pfsense.brit-hotel-fumel.net]/root: ps ax | grep xinetd
    16284  -  Is       0:00.08 /usr/local/sbin/xinetd -syslog daemon -f /var/etc/xi
    78340  0  S+       0:00.00 grep xinetd
    [2.4.2-RELEASE][admin@pfsense.brit-hotel-fumel.net]/root: ps ax | grep xinetd
    16284  -  Is       0:00.08 /usr/local/sbin/xinetd -syslog daemon -f /var/etc/xinetd.conf -pidfile /var/run/xinetd.pid
    78733  0  S+       0:00.00 grep xinetd
    [2.4.2-RELEASE][admin@pfsense.brit-hotel-fumel.net]/root: cat /var/etc/xinetd.conf
    service 6969-udp
    {
            type = unlisted
            bind = 127.0.0.1
            port = 6969
            socket_type = dgram
            protocol = udp
            wait = yes
            user = root
            server = /usr/libexec/tftp-proxy
            server_args = -v
    }
    
    

    This xinetd service is only listening to localhost, not LAN.

    Note : as far as I know, I never installed a package that includes "xinetd" - actually, I don't know what it is - what it does.
    I know it is there by default.



  • Inetd is a very old  "super server daemon" on UNIX and UNIX-style operating systems. Ideally nobody would be using it anymore but it's still required by some services.

    https://en.wikipedia.org/wiki/Inetd

    The reason why it should be abandoned is that inetd is a single point of failure and its access control features (provided by /etc/hosts.allow and such) are completely superceded by packet filters such as PF.



  • @ kpa
    I do not want to run inetd, but xiinetd and I need it for check_mk.

    @Gertjan

    @Gertjan:

    Hi,

    What is your pfSense version ?

    My version is:
    2.4.2-RELEASE-p1 (amd64)
    built on Tue Dec 12 13:45:26 CST 2017
    FreeBSD 11.1-RELEASE-p6

    @Gertjan:

    Btw :

    [2.4.2-RELEASE][admin@pfsense.brit-hotel-fumel.net]/root: ps ax | grep xinetd
    16284  -  Is       0:00.08 /usr/local/sbin/xinetd -syslog daemon -f /var/etc/xi
    78340  0  S+       0:00.00 grep xinetd
    [2.4.2-RELEASE][admin@pfsense.brit-hotel-fumel.net]/root: ps ax | grep xinetd
    16284  -  Is       0:00.08 /usr/local/sbin/xinetd -syslog daemon -f /var/etc/xinetd.conf -pidfile /var/run/xinetd.pid
    78733  0  S+       0:00.00 grep xinetd
    [2.4.2-RELEASE][admin@pfsense.brit-hotel-fumel.net]/root: cat /var/etc/xinetd.conf
    service 6969-udp
    {
            type = unlisted
            bind = 127.0.0.1
            port = 6969
            socket_type = dgram
            protocol = udp
            wait = yes
            user = root
            server = /usr/libexec/tftp-proxy
            server_args = -v
    }
    
    

    This xinetd service is only listening to localhost, not LAN.

    Note : as far as I know, I never installed a package that includes "xinetd" - actually, I don't know what it is - what it does.
    I know it is there by default.

    From the output of your ps-command I can see, that your config is in /var/etc. I too have a file there, but it is empty and has size 0.

    I agree with you, that xinetd seems to be installed by default, but on my box it is not running. :-((

    Can you please tell me how xinetd can be started, which config files are needed and where these need to be?

    TIA, Karl


Log in to reply