10 April 2003, 06:13:07 The Complete FreeBSD (netserver.mm), page 447 25 Basic network access: servers In this chapter: • Running servers from inetd • Configur ing ftpd • Running sshd • rsyncd • Setting up a web ser ver • NFS server • Samba In this chapter: • Running servers from inetd • Configur ing ftpd • Running sshd • rsyncd • Setting up a web ser ver • NFS server • Samba In the previous chapter,wesaw how touse clients to access other systems. This is only half the picture, of course. At the other end of the link, we need servers to provide this service. For each client, there is a server (a daemon) whose name is usually derivedfrom the client name by adding a d to it: Table 25-1: Server daemons for basic services Client Server ssh sshd telnet telnetd sftp sftp-server ftp ftpd rsync rsyncd (browser) httpd (NFS) nfsd In addition to these servers, we look at a fewothers in other chapters: • We’v e already looked at Xservers briefly in Chapter 8, Taking control,and we’ll see more in Chapter 28, XFree86 in depth. • Chapter 21 discussed DNS name servers. netserver.mm,v v4.19 (2003/04/09 20:42:40) 447 448 Chapter 25: Basic networ k access: servers 10 April 2003, 06:13:07 The Complete FreeBSD (netserver.mm), page 448 • Chapter 27 discusses Mail Transport Agents or MTAs,also referred to as mail servers. Some servers don’tneed anyconfiguration, and about all you need to do is to start them. Others, likeweb servers, can be very complicated. None of the complication is related to FreeBSD. For example, the issues involved in configuring apache are the same whether you run it with FreeBSD, NetBSD, Linux or Solaris. There are several good books, each at least the size of this one, on the detailed setup of some of these servers. In this chapter we’ll look at howtoget the servers up and running in a basic configuration, and where to turn for more information. Running serversfrominetd If you look at /etc/services,you’ll find that there are over800 services available, most of which are only supported on a small number of machines. It’snot always the best idea to start up a daemon for every possible service you may want to offer.IPsupplies an alternative: inetd,the Internet daemon,sometimes called a super-server,which listens on multiple ports. When a request arrivesonaspecific port, inetd starts a daemon specific to the port. Forexample, FreeBSD supports anonymous ftp, but most people don’t receive enough requests to warrant having the ftp daemon, ftpd,running all the time. Instead, inetd starts an ftpd when a request comes in on port 21. At startup, inetd reads a configuration file /etc/inetd.conf to determine which ports to monitor and what to do when a message comes in. Here’sanexcerpt: #$FreeBSD: src/etc/inetd.conf,v 1.58 2002/08/09 17:34:13 gordon Exp $ # #Internet server configuration database # #ftp stream tcp nowait root /usr/libexec/lukemftpd ftpd -l -r #ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l #ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -l #telnet stream tcp nowait root /usr/libexec/telnetd telnetd #telnet stream tcp6 nowait root /usr/libexec/telnetd telnetd #shell stream tcp nowait root /usr/libexec/rshd rshd #shell stream tcp6 nowait root /usr/libexec/rshd rshd #login stream tcp nowait root /usr/libexec/rlogind rlogind #login stream tcp6 nowait root /usr/libexec/rlogind rlogind #exec stream tcp nowait root /usr/libexec/rexecd rexecd #shell stream tcp6 nowait root /usr/libexec/rshd rshd This file has the following format: • The first column is the service on which inetd should listen. If it starts with a # sign, it’sacomment, and inetd ignores it. You’ll note in this example that all the listed services have been commented out. Unless you run the daemon independently of inetd,arequest for one of these services will be rejected with the message: Unable to connect to remote host: Connection refused netserver.mm,v v4.19 (2003/04/09 20:42:40) Running servers from inetd 449 10 April 2003, 06:13:07 The Complete FreeBSD (netserver.mm), page 449 • The next three columns determine the nature of the connection, the protocol to use, and whether inetd should wait for the process to complete before listening for new connections. In the example, all the services are TCP,but there are entries both for tcp (the normal TCP protocol for IP Version 4) and tcp6 (the same service for IP Version 6). • The next column specifies the user as which the function should be performed. • The next column is the full pathname of the program (almost always a daemon) to start when a message comes in. Alternatively,itmight be the keyword internal, which specifies that inetd should perform the function itself. • All remaining columns are the parameters to be passed to the daemon. Older versions of UNIX ran inetd as part of the startup procedure. That isn’talways necessary,ofcourse, and for security reasons the default installation of FreeBSD no longer starts it. Youcan change that by adding the following line to your /etc/rc.conf : inetd_enable="YES" # Run the network daemon dispatcher (YES/NO). To enable services in /etc/inetd.conf,itmay be enough to remove the comment from the corresponding line. This applies for most the services in the example above.Insome cases, though, you may have toperform additional steps. Forexample, lukemftpd,an alternative ftpd,and nntpd,the Network News Transfer Protocol,are not part of FreeBSD: they’re in the Ports Collection. Also, nntpd is intended to run as user usenet, which is not in the base system. The other daemons are not mentioned in /etc/inetd.conf : • The preferred way to run sshd is at system startup. As we’ll see, the startup is quite slow, soit’snot a good idea to run it from /etc/inetd.conf,though it is possible—see the man page if you really want to. • sftp-server is the server for sftp.Itgets started from sshd. • httpd,the Apache Web Server,also has quite a long startup phase that makes it impractical to start it from /etc/inetd.conf.Note also that httpd requires a configuration file. We’lllook at that on page 455. • By contrast, it’sperfectly possible to start rsyncd from inetd.It’snot included in the standard /etc/inetd.conf file because it’saport. Yes, so are lukemftpd and nntpd.It’s just a little inconsistent. This is the line you need to put in /etc/inetd.conf to start rsyncd. rsync stream tcp nowait root /usr/local/bin/rsync rsync --daemon The name rsync is not a typo. rsync and rsyncd are the same thing; it’sthe --daemon option that makes rsync run as a daemon. netserver.mm,v v4.19 (2003/04/09 20:42:40) 450 Chapter 25: Basic networ k access: servers 10 April 2003, 06:13:07 The Complete FreeBSD (netserver.mm), page 450 inetd doesn’tnotice alterations to /etc/inetd.conf automatically.After modifying the file, you must send it a SIGHUP signal: # killall -HUP inetd Youcan write -1 instead of -HUP.This causes inetd to re-read /etc/inetd.conf. Instead of starting daemons via inetd,you can start them at boot time. inetd is convenient for servers that don’tget run very often, but if you makefrequent connections, you can save overhead by running the servers continuously.Onthe other hand, it’snot practical to start rshd, rlogind, re xecd or telnetd at boot time: they’re designed to be started once for each session, and theyexit after the first connection closes. We’lllook at starting the other daemons in the following sections, along with their configuration. Configuring ftpd Normally you’ll run ftpd from inetd,aswesaw above.Ifyou want to run it directly, perform the following steps: • Add the following line in /etc/rc.local: echo -n ’starting local daemons:’ #put your local stuff here echo " ftpd" && ftpd -D The option -D tells ftpd to run as a daemon. Youwill possibly want other options as well; see the discussion below. • Comment out the ftp line in /etc/inetd.conf by adding a hash mark (#)infront of it: # ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l • Either reboot, or cause inetd to re-read its configuration file: # killall -1 inetd send a SIGHUP If you don’tperform this step, inetd keeps the ftp port open, and ftpd can’trun. Forsecurity reasons, you will probably want to add options such as logging and anonymous ftp.We’ll look at howtodothat in the next twosections. anonymous ftp Anonymous ftp givesyou a couple of security options: • It restricts access to the home directory of user ftp.From the point of viewofthe remote user, ftp’s home directory is the root directory,and he cannot access anyfiles outside this directory.Note that this means that you can’tuse symbolic links outside the ftp directory,either. netserver.mm,v v4.19 (2003/04/09 20:42:40) Configur ing ftpd 451 10 April 2003, 06:13:07 The Complete FreeBSD (netserver.mm), page 451 • It restricts access to the machine generally: the user doesn’tlearn anypasswords, so he has no other access to the machine. In addition, you can start ftpd in such a manner that it will allowonly anonymous ftp connections. There are a number of preparations for anonymous ftp: • Decide on a directory for storing anonymous ftp files. The location will depend on the amount of data you propose to store there. By default, it’s /var/spool/ftp. • Create a user ftp,with the anonymous ftp directory as the home directory and the shell /dev/null.Using /dev/null as the shell makes it impossible to log in as user ftp, butdoes not interfere with the use of anonymous ftp. ftp can be a member of group bin or you can create a newgroup ftp by adding the group to /etc/group.See page 145 for more details of adding users, and the man page group(5) for adding groups. • Create subdirectories ˜ftp/bin and ˜/ftp/pub.Itisalso possible to create a directory for incoming data. By convention its name is ˜ftp/incoming.This is a very bad idea if you’re connected to the global Internet: it won’tbelong before people start using your system as a server for illicit data. Only use this option if you have some other method of stopping unauthorized access. Set the ownership of the directories likethis: dr-xr-xr-x 2 ftp ftp 512 Feb 28 12:57 bin drwxrwxrwx 2 ftp ftp 512 Oct 705:55 incoming drwxrwxr-x 20 ftp ftp 512 Jun 314:03 pub This enables read access to the pub directory and read-write access to the incoming subdirectory. • If you have a lot of files that are accessed relatively infrequently,it’spossible you will find people on the Net who copyall the files that theysee in the directory. Sometimes you’ll find multiple connections from one system copying all the files in parallel, which can cause bandwidth problems. In some cases, you might find it more appropriate to distribute the names individually,and to limit access to reading the directories. You can do this by setting the permissions of pub and its subdirectories likethis: d--x--x--x 20 ftp ftp 512 Jun 314:03 pub This allows access to the files, but not to the directory,sothe remote user can’tfind the names of the files in the directory. • Copythe following files to ˜ftp/bin: /usr/bin/compress, /usr/bin/gzip, /usr/bin/gunzip, /bin/ls, /usr/bin/tar and /usr/bin/uncompress.The viewofanonymous ftp users is restricted to the home directory,soall programs that are to be executed must also be in this directory. netserver.mm,v v4.19 (2003/04/09 20:42:40) 452 Chapter 25: Basic networ k access: servers 10 April 2003, 06:13:07 The Complete FreeBSD (netserver.mm), page 452 Youcan (‘‘hard’’) link the files if you want (and if the directory is on the same file system), but symbolic links will fail, since theycontain path names that do not point to the correct place when running in the anonymous ftp environment. Restricting access and logging Anumber of ftpd options makeiteasier to control and monitor ftp access: • The -l option logs each session, whether successful or not, to syslogd with the facility LOG_FTP.Toenable this logging, your /etc/syslog.conf should contain a line like ftp.* /var/log/ftpd In addition, the file /var/log/ftpd must exist. If it doesn’t, create it with: # touch /var/log/ftpd The -l option has twolev els: if you specify it once, it logs connections only.Ifyou specify it twice, it also lists the files that are transferred. • The -S option logs all anonymous transfers to the file /var/log/ftpd. • Youcan restrict access to only anonymous ftp with the -A option. There are a number of other options; see the man page ftpd(8) for further details. In addition to these options, when a real user establishes a connection, ftpd checks the user’sshell. If it is not listed in /etc/shells, ftpd will denythe connection. This can be useful if you don’twant specific users to access the system: give them a different shell, such as /usr/bin/sh instead of /bin/sh,and ensure that /usr/bin/sh is not in /etc/shells. Log file format The format of the log files is a little unusual. You’ll see things like: Oct 12 16:32:04 freebie ftpd[8691]: ANONYMOUS FTP LOGIN FROM adam.adonai.net, leec@a donainet Oct 12 18:33:32 freebie ftpd[9007]: connection from gateway.smith.net.au Oct 12 18:33:37 freebie ftpd[9007]: ANONYMOUS FTP LOGIN FROM gateway.smith.net.au, m ike Oct 12 21:36:28 freebie ftpd[9369]: connection from grisu.bik-gmbh.de Oct 12 21:36:29 freebie ftpd[9369]: ANONYMOUS FTP LOGIN FROM grisu.bik-gmbh.de, harv est@ Oct 12 21:36:37 1997!harvest@!grisu.bik-gmbh.de!/pub/cfbsd/README!9228!1 Oct 12 21:37:05 freebie ftpd[9371]: connection from grisu.bik-gmbh.de Oct 12 21:37:06 freebie ftpd[9371]: ANONYMOUS FTP LOGIN FROM grisu.bik-gmbh.de, harv est@ Oct 13 09:38:19 freebie ftpd[13514]: connection from 151.197.101.46 Oct 13 09:38:21 freebie ftpd[13514]: ANONYMOUS FTP LOGIN FROM 151.197.101.46, bmc@ho vercraft.willscreek.com Oct 13 09:38:58 1997!bmc@hovercraft.willscreek.com!151.197.101.46!/pub/cfbsd/dear-re viewer!8890!1 Oct 13 09:41:42 1997!bmc@hovercraft.willscreek.com!151.197.101.46!/pub/cfbsd/txt/26- netdebug.txt.gz!12188!1 Oct 13 09:42:05 1997!bmc@hovercraft.willscreek.com!151.197.101.46!/pub/cfbsd/txt/C-p netserver.mm,v v4.19 (2003/04/09 20:42:40) Configur ing ftpd 453 10 April 2003, 06:13:07 The Complete FreeBSD (netserver.mm), page 453 ackages.txt.gz!37951!1 Oct 13 09:59:07 freebie ftpd[14117]: connection from 151.197.101.46 Oct 13 09:59:08 freebie ftpd[14117]: ANONYMOUS FTP LOGIN FROM 151.197.101.46, bmc@ho vercraft.willscreek.com Oct 13 09:59:24 1997!bmc@hovercraft.willscreek.com!151.197.101.46!/pub/cfbsd/txt/D-b iblio.txt.gz!1815!1 This log excerpt shows three kinds of message: • The messages starting with the text connection from occur when an ftp connection is made. Theydon’tmean that anypermission to access has been given. These messages are logged by the -l option. • The ANONYMOUS FTP LOGIN messages showthat somebody has logged in anonymously.The name follows, not always in the required username format. The standard ftpd does not enforce this requirement; you may find something that does in the Ports Collection. These messages are logged by the -S option. • The lines full of ! marks showfiles being transferred. The ! marks delimit the fields, which are: • The year,asanextension of the timestamp. • The user ID. • The IP address of the system to which the data is transferred. • The name of the file transferred. • The number of bytes transferred. Running sshd Normally you start sshd from the system configuration file /etc/rc.conf : sshd_enable="YES" # Enable sshd That’sall you need to do for sshd.You can also start it simply with: #sshd sshd reads a configuration file /etc/ssh/sshd_config.Likeits companion /etc/ssh/ssh_config,itcontains mainly commented-out lines showing the default values. Most of them don’trequire change, but the following entries may be of interest: • Protocol states which ssh protocols to use, and in which order.Bydefault, sshd tries protocol 2 first, and falls back to protocol 1 if protocol 2 fails. You might consider setting it to use only protocol 2. • When PermitRootLogin is set to yes,you can log in as root via ssh.Normally it’sdisabled. netserver.mm,v v4.19 (2003/04/09 20:42:40) 454 Chapter 25: Basic networ k access: servers 10 April 2003, 06:13:07 The Complete FreeBSD (netserver.mm), page 454 • Set PasswordAuthentication to no if you want all access to be via key exchange (see page 420 for more details). • If you want to run sftp-server,add the following line to /etc/ssh/sshd_config: Subsystem sftp /usr/libexec/sftp-server It should be present by default. rsyncd As we’ve seen, rsyncd is just another name for rsync.You don’tneed to do anyspecific configuration to start it: it gets started from sshd,soall you need to do is to ensure that sshd gets started. Starting rsyncd isn’tenough, though: it needs configuration. Create a file /usr/lo- cal/etc/rsyncd.conf with contents something likethis: motd file = /usr/local/etc/rsyncd.txt log file = /var/log/rsyncd.log transfer logging = true [groggy] path = /home/grog/public_html uid = grog read only = yes list = yes comment = Greg’s web pages hosts allow = 223.147.37.0/24 [tivo] path = /var/tivo uid = grog read only = no list = yes comment = TiVo staging area hosts allow = tivo.example.org This is the configuration file used in the server examples in Chapter 24. It consists of two parts: a global part at the beginning, with settings that apply to all modules, and one or more module parts describing files that the server will supply. The global options here specify the motd file,afile whose contents are printed when you list modules (the ‘‘be gentle’’message in the examples), and that transfers should be logged to /var/log/rsyncd.log.The log output looks something likethis: 2002/10/24 13:31:49 [16398] send presto.example.org [192.109.197.74] groggy () slash dot/topicscience.gif 1083 2002/10/24 13:31:49 [16398] send presto.example.org [192.109.197.74] groggy () slash dot/topicsecurity.gif 3034 2002/10/24 13:31:49 [16398] send presto.example.org [192.109.197.74] groggy () slash dot/topictv.jpg 951 2002/10/24 13:31:49 [16398] send presto.example.org [192.109.197.74] groggy () slide .pdf 40470 2002/10/24 13:31:49 [16398] send presto.example.org [192.109.197.74] groggy () stock whip.html 1602 netserver.mm,v v4.19 (2003/04/09 20:42:40) rsyncd 455 10 April 2003, 06:13:07 The Complete FreeBSD (netserver.mm), page 455 The next part of the configuration file describes modules,directory hierarchies that rsyncd makes available. If you’re used to Microsoft-style configuration files, this will seem relatively familiar.The module names are enclosed in square brackets ([]), and theydon’thav e to have any relationship with the name of the directory.Inthis case we have two modules. Both have a comment,adescriptive textprinted out when you list the modules, and both allowlisting the name of the module (list = yes). In addition: • Module groggy makes available the directory /home/grog/public_html,myweb pages, for read-only access. rsyncd accesses the module as user grog.Any host on the 256 address block starting with 223.147.37.0 can access the data. • Module tivo makes available the directory /var/tivo for read-write access, but only to the host tivo.example.org.Again rsyncd accesses the data as user grog. There are a large number of other options for rsyncd,but this example shows the most important ones. See the man page rsyncd.conf(5) for more information. Setting up a web server FreeBSD is a system of choice for running web servers, so it’snot surprising that a large number are available. Probably the most popular is apache,which is available in the Ports Collection. Install with: # cd /usr/ports/www/apache13 # make install In future versions, the name apache13 will change. Apache comes with a lot of documentation in HTML format (of course), which is installed in /usr/lo- cal/share/doc/apache/manual.You might find it useful to put a symbolic link to it in your web home directory: # cd /usr/local/www/data # ln -s /usr/local/share/doc/apache/manual apachedoc After this, you can access the documentation at (for example) http://www.exam- ple.org/apachedoc/. Configuring apache The Apache port uses the following directories: • The configuration files are in the directory hierarchy /usr/local/etc/apache.The port installs prototype configuration files, but theyneed to be modified. • By default, the web pages are in /usr/local/www/data.This is the ‘‘root’’directory for the web pages: the file /usr/local/www/data/foo.html on www.example.org will have the URL http://www.example.org/foo.html.You may find it a good idea to change the directory to the /var file system in a location such as /var/www/data. We’lllook at howtodothat with the DocumentRoot entry in the configuration file. netserver.mm,v v4.19 (2003/04/09 20:42:40) 456 Chapter 25: Basic networ k access: servers 10 April 2003, 06:13:07 The Complete FreeBSD (netserver.mm), page 456 • Icons for Apache’sown use are stored in /usr/local/www/icons.You can’taccess these icons by URI, so don’tput your own images here. • CGI scripts are stored in /usr/local/www/cgi-bin. The configuration file The apache configuration file is /usr/local/etc/apache/httpd.conf.Older versions of apache also used the files /usr/local/etc/apache/access.conf and /usr/lo- cal/etc/apache/srm.conf.The division between these three files was relatively arbitrary, and the current recommendation is to not use these files, but to put their content in /usr/local/etc/apache/httpd.conf instead. See the apache documentation if you need to change the other files. httpd.conf Probably the best way to understand httpd.conf is to read through it. It’spretty long and contains a large number of comments. Most entries can be left the way there are, so we won’tlist the entire file here: instead we’ll look at the parameters that may need change. We’lllook at the system-wide features in the following list, and host-related features in the next section. • ServerType states whether you start it from inetd or standalone (the default). It’s not a good idea to start httpd from inetd,soyou should leave this entry unchanged. • ServerRoot claims to be the path to the configuration files, but in fact the files are stored in the subdirectory etc/apache of this directory.You shouldn’tneed to change it. • The comments about ScoreBoardFile suggest that you should check to see if the system creates one. Don’tbother: FreeBSD doesn’tcreate this file, and you don’t need to worry about it. • The Keep-Alive extension to HTTP,asdefined by the HTTP/1.1 draft,allows persistent connections. These long-livedHTTP sessions allowmultiple requests to be sent overthe same TCP connection, and in some cases have been shown to result in an almost 50% speedup in latencytimes for HTML documents with lots of images. • The parameters MinSpareServers, MaxSpareServers, StartServers, Max- Clients and MaxRequestsPerChild are used for server tuning. The default values should work initially,but if you have a lot of Web traffic, you should consider changing them. • The next area of interest is a large list of modules.Alot of apache functionality is optional, and you include it by including a module. We’lllook at this in more detail below. • The parameter ProxyRequests allows Apache to function as a proxy server.We’ll look at this in more detail below. netserver.mm,v v4.19 (2003/04/09 20:42:40) [...]... netserver.mm,v v4.19 (2003/04/09 20:42:40) 10 April 2003, 06:13:07 The Complete FreeBSD (netserver.mm), page 464 464 Chapter 25: Basic network access: servers • The -ro option restricts access to read-only • The -network option restricts the access to systems on the specified network • The -alldirs option allows remote clients to mount any directory in the file system directly Without this option, remote... A typical /etc/exports for presto might be: / /usr -maproot=0 -maproot=0 -alldirs presto bumble wait gw -network 223.147.37.0 This allows root access to both file systems Only the trusted systems presto, bumble, wait and gw are allowed to access the root file system, whereas any system on the local network may access /usr Remote systems may mount any directory on the /usr file system directly Samba BSD... allow any of the users specified on this line to access the directory netserver.mm,v v4.19 (2003/04/09 20:42:40) 10 April 2003, 06:13:07 The Complete FreeBSD (netserver.mm), page 462 462 Chapter 25: Basic network access: servers Apache modules apache offers a large quantity of optional functionality, which it provides in the form of dynamically loadable modules We’ve seen above that there are two long lists... ServerAdmin for each virtual domain; that depends on how you run the system netserver.mm,v v4.19 (2003/04/09 20:42:40) 10 April 2003, 06:13:07 The Complete FreeBSD (netserver.mm), page 458 458 Chapter 25: Basic network access: servers • DocumentRoot is the name of the directory that will become the root of the web page hierarchy that the server provides By default, for the main server it’s /usr/local/www/data,... / %255c / %255c /winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 323 netserver.mm,v v4.19 (2003/04/09 20:42:40) 10 April 2003, 06:13:07 The Complete FreeBSD (netserver.mm), page 460 460 Chapter 25: Basic network access: servers The fields in the log file are separated by blanks, so empty entries are replaced by a character In this example, the second and third fields are always empty They’re used for identity... chapter we’ll look at the standard implementation, Samba This chapter describes only the FreeBSD side of the setup; you’ll need to follow the Microsoft documentation for setting up the Microsoft side of the network Samba is a collection of software components that implement the SMB protocol over TCP/IP You can use it to interface with all current Microsoft environments It is part of netserver.mm,v v4.19 (2003/04/09... of which we don’t touch on here The ones we look at are: • smbd, a daemon that provides file and print services to SMB clients • nmbd, which provides name services for NetBIOS • smbpasswd, which sets up network passwords for Samba • smbclient, a simple ftp-like client that is useful for accessing SMB shared files on other servers, such as Windows for Workgroups You can also use it to allow a UNIX box to... configuration files you have in /etc/local/etc, this could cause problems netserver.mm,v v4.19 (2003/04/09 20:42:40) 10 April 2003, 06:13:07 The Complete FreeBSD (netserver.mm), page 466 466 Chapter 25: Basic network access: servers smbd and nmbd: the Samba daemons The main component of Samba is smbd, the SMB daemon In addition, you need the Samba name daemon, nmbd, which supplies NetBIOS name services for... which can speed up the response time of such applications by over 95% netserver.mm,v v4.19 (2003/04/09 20:42:40) 10 April 2003, 06:13:07 The Complete FreeBSD (netserver.mm), page 468 468 Chapter 25: Basic network access: servers The [homes] section The [homes] section allows clients to connect to their home directories without needing an entry in the configuration file If this section is present, and an incoming... If you’re starting them from inetd, you don’t need to do anything netserver.mm,v v4.19 (2003/04/09 20:42:40) 10 April 2003, 06:13:07 The Complete FreeBSD (netserver.mm), page 470 470 Chapter 25: Basic network access: servers $ smbclient -L freebie -U grog added interface ip=223.147.37.1 bcast=223.147.37.255 nmask=255.255.255.0 Password: as usual, no echo Domain=[EXAMPLE] OS=[Unix] Server=[Samba 2.2.7a] . option restricts access to read-only. • The -network option restricts the access to systems on the specified network. • The -alldirs option allows remote. following line to your /etc/rc.conf : inetd_enable="YES" # Run the network daemon dispatcher (YES/NO). To enable services in /etc/inetd.conf,itmay