Ubuntu Manpage: ipsvd-instruct - format of the ipsvd(8) instructions directory

NAME

       ipsvd-instruct - format of the ipsvd(8) instructions directory

DESCRIPTION

       The  internet  protocol  service  daemons,  ipsvd(7),  can  be  told  to  read  and follow
       instructions from a directory on incoming connections to the socket they listen on.

       For mostly static instructions or for performance reasons, it is possible to  compile  the
       instructions  from a directory into a constant database (cdb) with ipsvd-cdb(8) for faster
       lookup, and to tell ipsvd(7) to read the instructions from there.

MATCHING

On each incoming connection, the ipsvd(7) matches the client's IP address against files in
the instructions directory. For example, the IP address a.b.c.d which reverse resolves to
moa.bit.smarden.org is matched against the following files in the instructions directory,
in this order, first match wins:

1. a.b.c.d

2. a.b.c

3. a.b

4. a

If the client's hostname has been successfully looked up in DNS:

5. moa.bit.smarden.org

6. bit.smarden.org

7. smarden.org

8. org

And finally the catchall file ``0'' (zero):

9. 0

After successfully matching a client's IP address or hostname against the instructions
directory, ipsvd(7) examines the file that matched the IP address or hostname, and acts
accordingly:

1. If neither the user's read permission, nor the user's execute permission is set for
the file, the connection is closed immediately.

2. If the file has the user's execute permission set, ipsvd(7) reads the contents of
the file and runs /bin/sh -c '<contents>' instead of the default program prog given
at the command line for this connection.

3. If the file has the user's read permission set, ipsvd(7) reads the contents of the
file and interprets each line as an instruction for this connection (see below).

If the client's IP address or hostname doesn't match any file in the instructions
directory, the default action is taken (the program prog is run to handle the connection).

INSTRUCTIONS

If ipsvd(7) is given instructions for an incoming connection, it reads the corresponding
file and interprets each line as follows. The file may be empty, meaning that there is no
special instruction.

Empty lines and lines starting with ``#'' are ignored.

+VAR=VALUE
environment. If the line starts with a plus (``+''), and the string following the
plus contains a ``='', ipsvd(7) puts the string following the plus into the
environment before starting prog to handle the connection. If the string following
the plus doesn't contain a ``='', ipsvd(7) makes sure that the environment variable
with the name string is not set.

Cnum[:msg]
concurrency. If the line starts with a ``C'', and is followed by a number, the per
host concurrency limit for the IP address that initiated the connection is set to
this number. If num is zero, per host concurrency limit is disabled. If num is
followed by ``:msg'', the message msg is written to this client if possible, if the
per host concurrency limit is reached.

msg may contain backslash-escaped characters as follows: ``\\'' is converted to a
single backslash, ``\n'' is converted to a new line character, and ``\r'' is
converted to a carriage return.

On multiple concurrency instructions the last processed concurrency instruction is
considered. Not all ipsvd(7)'s support per host concurrency.

=hostname[:forward]
check hostname. If the line starts with a ``='', and is followed by a hostname,
ipsvd(7) looks up the IP addresses for hostname in DNS and checks if the client's
IP address matches one of these IP addresses. If so, ipsvd(7) stops processing the
instructions here and runs prog. If hostname is followed a colon and forward,
ipsvd(7) now examines the file forward and acts accordingly, instead of running
prog. All check hostname instructions in forward are ignored. If forward does not
exist, the connection is closed.

hostname may be ``0'' (zero), matching any IP address.

Note: Using check hostname instructions can cause significant delay while
responding to connection attempts, caused by DNS lookups.

If ipsvd(7) cannot interpret a line, it prints a warning, discards the line, and continues
with the next instruction if any.

After processing all instructions, ipsvd(7) runs prog. If the file contains at least one
check hostname instruction, and none was successful, it closes the connection instead of
running prog.

EXAMPLE INSTRUCTIONS

       +MEMORY=20000
              This  instruction  causes  the  environment  variable  ``MEMORY''  with  the  value
              ``20000'' to be available to the program prog that handles the connection.

       +DEBUG=
              This  instruction  adds  the  variable  ``DEBUG''  with  an  empty  value  to   the
              environment.

       +LOGNAME
              This  instructions  makes  sure  that the environment variable ``LOGNAME'' is unset
              when running prog.

       C16    Set the per host concurrency to 16.  A connection will be closed silently if  there
              are already 16 active connections from this client's IP address.

       =floyd.dyn.smarden.org:127.0.0.1
              Check  IP  address of the dynamic hostname floyd.dyn.smarden.org.  If one of the IP
              addresses floyd.dyn.smarden.org currently  resolves  to  matches  the  client's  IP
              address,  handle  the  connection  through  the  file 127.0.0.1 in the instructions
              directory.

AUTHOR