usr.sbin/inetd/inetd.8

.\"	$NetBSD: inetd.8,v 1.68 2024/05/24 21:55:13 andvar Exp $
.\"
.\" Copyright (c) 1998 The NetBSD Foundation, Inc.
.\" All rights reserved.
.\"
.\" This code is derived from software contributed to The NetBSD Foundation
.\" by Jason R. Thorpe of the Numerical Aerospace Simulation Facility,
.\" NASA Ames Research Center.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
.\" Copyright (c) 1985, 1991 The Regents of the University of California.
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of the University nor the names of its contributors
.\"    may be used to endorse or promote products derived from this software
.\"    without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\"     from: @(#)inetd.8       8.4 (Berkeley) 6/1/94
.\"
.Dd October 12, 2021
.Dt INETD 8
.Os
.Sh NAME
.Nm inetd ,
.Nm inetd.conf
.Nd internet
.Dq super-server
.Sh SYNOPSIS
.Nm
.Op Fl d
.Op Fl l
.Op Ar configuration file
.Sh DESCRIPTION
.Nm
should be run at boot time by
.Pa /etc/rc
(see
.Xr rc 8 ) .
It then opens sockets according to its configuration and listens
for connections.
When a connection is found on one of its sockets, it decides what
service the socket corresponds to, and invokes a program to service
the request.
After the program is finished, it continues to listen on the socket
(except in some cases which will be described below).
Essentially,
.Nm
allows running one daemon to invoke several others,
reducing load on the system.
.Pp
The options available for
.Nm :
.Bl -tag -width Ds
.It Fl d
Turns on debugging and runs
.Nm
in the foreground.
.It Fl f
Runs
.Nm
in the foreground.
.It Fl l
Turns on libwrap connection logging.
.El
.Pp
Upon execution,
.Nm
reads its configuration information from a configuration
file which, by default, is
.Pa /etc/inetd.conf .
The path given for this configuration file must be absolute, unless
the
.Fl d
option is also given on the command line.
.Pp
Services can be specified using the legacy `positional' notation or the
`key-values' notation described in the sections
.Sx Positional Notation
and
.Sx Key-Values Notation
below.
.Ss Positional Notation
There must be an entry for each field of the configuration
file, with entries for each field separated by a tab or
a space.
Comments are denoted by a ``#'' at the beginning of a line (see subsection
.Sx Key-Values Notation
for defining comments in key-values definitions).
There must be an entry for each field (except for one
special case, described below).
A positional definition is terminated by a newline.
The fields of the configuration file are as follows:
.Pp
.Bd -unfilled -offset indent -compact
[listen-addr:]service-spec
socket-type[:accept-filter]
protocol[,sndbuf=size][,rcvbuf=size]
wait/nowait[:max]
user[:group]
server-program
server program arguments
.Ed
.Pp
The
.Em listen-addr
parameter specifies the local address
.Nm
should use when listening.
The single character
.Dq \&*
means
.Dv INADDR_ANY :
all local addresses.
The
.Em listen-addr
parameter may be a host name, which will be resolved once, when the service
definition is read from the config file.
.Pp
Note that restricted listen addresses are meaningless and ignored for
UNIX-domain services, and are not supported for
.Em Sun-RPC
services.
All
.Em Sun-RPC
services always listen on all interfaces.
.Pp
The form of the
.Em service-spec
parameter varies with the service type.
For Internet services, the
.Em service-spec
parameter can be either the name of a service from
.Pa /etc/services
or a decimal port number.
For
.Dq internal
services (discussed below), the service name
.Em must
be the official name of the service (that is, the first entry in
.Pa /etc/services )
and not an alias for it.
.Pp
For
.Em Sun-RPC
based services, the
.Em service-spec
parameter has the form
.Em service-name Ns Li / Ns Em version .
The service name must be a valid RPC service name from
the file
.Pa /etc/rpc .
The
.Em version
on the right of the
.Dq /
is the RPC version number.
This can simply be a single numeric argument or a range of versions.
A range is bounded by the low version to the high version, e.g.
.Dq rusers/1-3 .
.Pp
For UNIX-domain (local) services, the
.Em service-spec
parameter is the path name to listen on.
.Pp
The
.Em service-spec
parameter must not begin with a dot.
See
.Sx Directives .
.Pp
The
.Em socket-type
parameter should be one of
.Dq stream ,
.Dq dgram ,
.Dq raw ,
.Dq rdm ,
or
.Dq seqpacket ,
depending on whether the socket is a stream, datagram, raw,
reliably delivered message, or sequenced packet socket.
.Pp
Optionally, for Internet services, an accept filter
(see
.Xr accept_filter 9 )
can be specified by appending a colon to
.Em socket-type ,
followed by the name of the desired accept filter.
In this case
.Nm
will not see new connections for the specified service until the accept
filter decides they are ready to be handled.
.\" XXX: do accept filters work for AF_UNIX sockets? nobody probably
.\" cares, but...
.Pp
The
.Em protocol
parameter must be a valid protocol as given in
.Pa /etc/protocols
or (for UNIX-domain services) the string
.Dq unix .
The most common are
.Dq tcp
and
.Dq udp .
For TCP and UDP, the IP version (4 or 6) may be specified explicitly
by appending 4 or 6 to the protocol name.
Otherwise the default version (IPv4) is used.
For
.Em Sun-RPC
the string
.Dq rpc
and a slash should be prepended:
.Dq rpc/tcp
or
.Dq rpc/udp .
If you would like to enable special support for
.Xr faithd 8 ,
prepend the string
.Dq faith
and a slash:
.Dq faith/tcp6 .
.Pp
In addition to the protocol, the configuration file may specify the
send and receive socket buffer sizes for the listening socket.
This is especially useful for
.Tn TCP :
the window scale factor, which is based on the receive socket
buffer size, is advertised when the connection handshake occurs
and thus the socket buffer size must be set on the listen socket.
By increasing the socket buffer sizes, better
.Tn TCP
performance may be realized in some situations.
The socket buffer sizes are specified by appending their values to
the protocol specification as follows:
.Bd -literal -offset indent
tcp,rcvbuf=16384
tcp,sndbuf=64k
tcp,rcvbuf=64k,sndbuf=1m
.Ed
.Pp
A literal value may be specified, or modified using
.Sq k
to indicate kibibytes or
.Sq m
to indicate mebibytes.
Socket buffer sizes may be specified for all
services and protocols except for tcpmux services.
.Pp
The
.Em wait/nowait
entry is used to tell
.Nm
if it should wait for the server program to return,
or continue processing connections on the socket.
If a datagram server reads a single datagram and connects
to its peer through a different socket, freeing the service's socket so
.Nm
can receive further messages on the socket, it is said to be
a
.Dq multi-threaded
server, and should use the
.Dq nowait
entry.
For datagram servers which process all incoming datagrams
on a socket and eventually time out, the server is said to be
.Dq single-threaded
and should use a
.Dq wait
entry.
.Xr comsat 8
.Pq Xr biff 1
and
.Xr ntalkd 8
are both examples of the latter type of
datagram server.
.Xr tftpd 8
is an exception; it is a datagram server that establishes pseudo-connections.
It must be listed as
.Dq wait
in order to avoid a race;
the server reads the first packet, creates a new socket,
and then forks and exits to allow
.Nm
to check for new service requests to spawn new servers.
The optional
.Dq max
suffix (separated from
.Dq wait
or
.Dq nowait
by a dot or a colon) specifies the maximum number of server instances that may
be spawned from
.Nm
within an interval of 60 seconds.
When omitted,
.Dq max
defaults to 40.
If it reaches this maximum spawn rate,
.Nm
will log the problem (via the syslogger using the
.Dv LOG_DAEMON
facility and
.Dv LOG_ERR
level)
and stop handling the specific service for ten minutes.
.Pp
Stream servers are usually marked as
.Dq nowait
but if a single server process is to handle multiple connections, it may be
marked as
.Dq wait .
The master socket will then be passed as fd 0 to the server, which will then
need to accept the incoming connection.
The server should eventually time
out and exit when no more connections are active.
.Nm
will continue to
listen on the master socket for connections, so the server should not close
it when it exits.
.Xr identd 8
is usually the only stream server marked as wait.
.Pp
The
.Em user
entry should contain the user name of the user as whom the server should run.
This allows for servers to be given less permission than root.
Optionally, a group can be specified by appending a colon to the user name,
followed by the group name (it is possible to use a dot (``.'') in lieu of a
colon, however this feature is provided only for backward compatibility).
This allows for servers to run with a different (primary) group id than
specified in the password file.
If a group is specified and
.Em user
is not root, the supplementary groups associated with that user will still be
set.
.Pp
The
.Em server-program
entry should contain the pathname of the program which is to be
executed by
.Nm
when a request is found on its socket.
If
.Nm
provides this service internally, this entry should
be
.Dq internal .
.Pp
The
.Em server program arguments
should be just as arguments
normally are, starting with argv[0], which is the name of
the program.
If the service is provided internally, the
word
.Dq internal
should take the place of this entry.
It is possible to quote an argument using either single or double quotes.
This allows you to have, e.g., spaces in paths and parameters.
.Ss Key-Values Notation
In key-values notation, keys are separated from their associated values by `=',
values are separated by whitespace, and key-values options are separated by
commas.
A service definition is terminated by a semicolon.
Multiple definitions may exist on a single line (and a line may
end with a positional definition.
A key-values definition has the following form:
.Bd -filled -offset indent
[listen-addr:]service-spec {on|off} <option> = [value1],
<option> = [value1] [value2] ..., <option> =, ...;
.Ed
.Pp
Values may be in quotes, and support the following escape sequences.
.Bl -hang -width "\xXX" -offset indent
.It Sy \e\e
Backslash.
.It Sy \en
Line feed.
.It Sy \et
Tab.
.It Sy \er
Carriage return.
.It Sy \e'
Single quote.
.It Sy \e"
Double quote.
.It Sy \exXX
Hexadecimal byte value, replace XX.
.El
.Pp
.Em [listen-addr:]service-spec
has the same form as in positional notation. If
.Em service-spec
is followed by
.Em on
then the service definition is active by default.
If
.Em service-spec
is followed by
.Em off
then the service definition is parsed and errors are output to
the system log, but the service is not active and no sockets are created.
.Pp
Comments that exist between the initial on/off directive
and the closing semicolon may begin in any column and may exist on the same line
as non-comment text.
Note: editor syntax highlighting may be misleading!
.Pp
Syntax and semantic error detection is performed on a best-effort basis.
If an error with a service definition is easily detectable, it will
log the error using
.Xr syslog 3
and continue reading the configuration file if possible, skipping the erroneous
definition or file.
Otherwise, it is up to the user to write definitions that conform to the
documentation.
Errors may be worded differently depending on the ordering of
options in the service definition.
.Pp
The following are the available values for
.Em <option>:
.Bl -hang -width "acceptfilter"
.It Sy bind
Set the listen address for this service.
This can be an IPv4 or IPv6 address or a hostname.
.It Sy socktype
Equivalent to
.Em socket-type
in positional notation.
.Em socktype
is optional if
.Em protocol
is specified and is
.Li udp{4,6}
or
.Li tcp{4,6} .
.It Sy acceptfilter
An accept filter, equivalent to
.Em accept
in positional notation (see
.Xr accept_filter 9
and
.Dv SO_ACCEPTFILTER
in
.Xr setsockopt 2 ) .
.It Sy protocol
Equivalent to
.Em protocol
in positional notation.
If specified as
.Li tcp
or
.Li udp
with no version specifier, the associated hostname or
.Em bind
value is used to determine the IP version.
If the version is not specified and the hostname string or
.Em bind
value is not an IPv4 or IPv6 address, the service definition is
invalid.
.It Sy sndbuf
Equivalent to
.Em sndbuf
in positional notation.
.It Sy recvbuf
Equivalent to
.Em recvbuf
in positional notation.
.It Sy wait
The value
.Li yes
or
.Li no .
Equivalent to
.Em wait/nowait
in positional notation.
This option is automatically determined for internal
services, and is mandatory for all others.
.It Sy service_max
Equivalent to
.Em max
in positional notation.
Defaults to 40 if not specified.
.It Sy ip_max
Specifies the maximum number of server instances that may be spawned from
.Nm
within an interval of 60 seconds for a given IP address.
Other address types may also work if supported by
.Xr getnameinfo 3 ,
test thoroughly using
.Fl d .
For example, connections from unnamed Unix sockets
do not work, but connections from named Unix sockets may work.
However, there is no way to only accept named Unix sockets.
.It Sy user
The user to run the program as.
Equivalent to
.Em user
in positional notation.
.It Sy group
The primary group to run the program as.
Equivalent to
.Em group
in positional notation.
.It Sy exec
The path to the program's executable or
.Dq internal
for a built-in service.
If not specified, this will be assumed to be
.Dq internal
(and will fail if
.Em socktype
is not specified).
.It Sy args
The program arguments.
By convention, the first argument should be the name of the program.
.It Sy ipsec
An IPsec policy string.
Defaults to the global default setting.
If specified without a value (i.e.,
.Dq ipsec=, ) ,
IPsec will be disabled for this service.
See the
.Sx Directives
section for details.
Currently only one value is allowed, so all IPsec policies
should be in a quoted string, separated by semicolons.
.El
.Ss Directives
<listen-addr>:
.Pp
To avoid the need to repeat listen addresses over and over again,
listen addresses are inherited from line to line, and the listen
address can be changed without defining a service by including a line
containing just a
.Em listen-addr
followed by a colon.
The default (compatible with historical configuration files) is \&*.
To return to this behavior after configuring some services with
specific listen addresses, give \&* explicitly.
.Pp
.Li "#@"
[<IPsec policy>] [; [<IPsec policy>]] ...
.Pp
The implementation includes a tiny hack to support IPsec policy settings for
each socket.
A special form of the comment line, starting with
.Dq Li "#@" ,
is used as a policy specifier.
The content of the above comment line will be treated as a IPsec policy string,
as described in
.Xr ipsec_set_policy 3 .
Multiple IPsec policy strings may be specified by using a semicolon
as a separator.
If conflicting policy strings are found in a single line,
the last string will take effect.
IPsec policy strings are not parsed in
comments within a key-values service definition.
A
.Li "#@"
line affects all of the subsequent lines in the same config file,
so you may want to reset the IPsec policy by using a comment line containing
only
.Li "#@"
.Pq with no policy string .
.Pp
If an invalid IPsec policy string appears in a config file,
.Nm
logs an error message using
.Xr syslog 3
and stops reading the current config file, but may continue reading
from other files not affected by the IPsec directive.
.Pp
\&.include <glob-path>
.Pp
Other files can be read by inetd by specifying an include directive in an inetd
config file.
.Em glob-path
is an
absolute path or a path relative (including parent directories) to the directory
containing the current config
file, and may contain glob patterns as specified by
.Xr glob 7 .
.Pp
To include a specific file, include the relative or absolute path of the file.
To include all files in a directory,
.Em glob-path
should be the directory of the files to include followed by "/*".
.Pp
The listening address and IPsec configuration strings of the current config file
are inherited by files included by this directive.
.Pp
Files included by this directive using a glob path match are not read in a
specific order.
If a specific order is desired, files or directories should be
included individually without the use of glob patterns.
Behavior is undefined if
multiple include directives include the same file and
this should be avoided.
Circular references are caught by
.Nm .
Anything after
.Em glob-path
on the same line is ignored.
.Em glob-path
may be in quotes.
.Ss Internal Services
.Nm
provides several
.Qq trivial
services internally by use of routines within itself.
These services are
.Qq echo ,
.Qq discard ,
.Qq chargen
(character generator),
.Qq daytime
(human readable time), and
.Qq time
(machine readable time,
in the form of the number of seconds since midnight, January 1, 1900 GMT).
For details of these services, consult the appropriate
.Tn RFC .
.Pp
TCP services without official port numbers can be handled with the
RFC1078-based tcpmux internal service.
TCPmux listens on port 1 for requests.
When a connection is made from a foreign host, the service name
requested is passed to TCPmux, which performs a lookup in the
service name table provided by
.Pa /etc/inetd.conf
and returns the proper entry for the service.
TCPmux returns a negative reply if the service doesn't exist,
otherwise the invoked server is expected to return the positive
reply if the service type in
.Pa /etc/inetd.conf
file has the prefix
.Qq tcpmux/ .
If the service type has the
prefix
.Qq tcpmux/+ ,
TCPmux will return the positive reply for the
process; this is for compatibility with older server code, and also
allows you to invoke programs that use stdin/stdout without putting any
special server code in them.
Services that use TCPmux are
.Qq nowait
because they do not have a well-known port number and hence cannot listen
for new requests.
.Pp
.Nm
rereads its configuration file when it receives a hangup signal,
.Dv SIGHUP .
Services may be added, deleted or modified when the configuration file
is reread.
.Nm
creates a file
.Em /var/run/inetd.pid
that contains its process identifier.
.Ss libwrap
Support for
.Tn TCP
wrappers is included with
.Nm
to provide internal tcpd-like access control functionality.
An external tcpd program is not needed.
You do not need to change the
.Pa /etc/inetd.conf
server-program entry to enable this capability.
.Nm
uses
.Pa /etc/hosts.allow
and
.Pa /etc/hosts.deny
for access control facility configurations, as described in
.Xr hosts_access 5 .
.Pp
.Em Nota Bene :
.Tn TCP
wrappers do not affect/restrict
.Tn UDP
or internal services.
.Ss IPv6 TCP/UDP behavior
If you wish to run a server for both IPv4 and IPv6 traffic,
you will need to run two separate processes for the same server program,
specified as two separate lines in
.Pa /etc/inetd.conf
using
.Dq tcp4
and
.Dq tcp6
respectively.
In positional syntax, plain
.Dq tcp
means TCP on top of the current default IP version,
which is, at this moment, IPv4.
.Pp
Under various combination of IPv4/v6 daemon settings,
.Nm
will behave as follows:
.Bl -bullet -compact
.It
If you have only one server on
.Dq tcp4 ,
IPv4 traffic will be routed to the server.
IPv6 traffic will not be accepted.
.It
If you have two servers on
.Dq tcp4
and
.Dq tcp6 ,
IPv4 traffic will be routed to the server on
.Dq tcp4 ,
and IPv6 traffic will go to server on
.Dq tcp6 .
.It
If you have only one server on
.Dq tcp6 ,
only IPv6 traffic will be routed to the server.
The kernel may route to the server IPv4 traffic as well,
under certain configuration.
See
.Xr ip6 4
for details.
.El
.Sh FILES
.Bl -tag -width /etc/hosts.allow -compact
.It Pa /etc/inetd.conf
configuration file for all
.Nm
provided services
.It Pa /etc/services
service name to protocol and port number mappings.
.It Pa /etc/protocols
protocol name to protocol number mappings
.It Pa /etc/rpc
.Tn Sun-RPC
service name to service number mappings.
.It Pa /etc/hosts.allow
explicit remote host access list.
.It Pa /etc/hosts.deny
explicit remote host denial of service list.
.El
.Sh SEE ALSO
.Xr hosts_access 5 ,
.Xr hosts_options 5 ,
.Xr protocols 5 ,
.Xr rpc 5 ,
.Xr services 5 ,
.Xr comsat 8 ,
.Xr fingerd 8 ,
.Xr ftpd 8 ,
.Xr rexecd 8 ,
.Xr rlogind 8 ,
.Xr rshd 8 ,
.Xr telnetd 8 ,
.Xr tftpd 8
.Rs
.%A J. Postel
.%R RFC
.%N 862
.%D May 1983
.%T "Echo Protocol"
.Re
.Rs
.%A J. Postel
.%R RFC
.%N 863
.%D May 1983
.%T "Discard Protocol"
.Re
.Rs
.%A J. Postel
.%R RFC
.%N 864
.%D May 1983
.%T "Character Generator Protocol"
.Re
.Rs
.%A J. Postel
.%R RFC
.%N 867
.%D May 1983
.%T "Daytime Protocol"
.Re
.Rs
.%A J. Postel
.%A K. Harrenstien
.%R RFC
.%N 868
.%D May 1983
.%T "Time Protocol"
.Re
.Rs
.%A M. Lottor
.%R RFC
.%N 1078
.%D November 1988
.%T "TCP port service Multiplexer (TCPMUX)"
.Re
.Sh HISTORY
The
.Nm
command appeared in
.Bx 4.3 .
Support for
.Em Sun-RPC
based services is modeled after that
provided by SunOS 4.1.
Support for specifying the socket buffer sizes was added in
.Nx 1.4 .
In November 1996, libwrap support was added to provide
internal tcpd-like access control functionality;
libwrap is based on Wietse Venema's tcp_wrappers.
IPv6 support and IPsec hack was made by KAME project, in 1999.
.Sh BUGS
Host address specifiers, while they make conceptual sense for RPC
services, do not work entirely correctly.
This is largely because the portmapper interface does not provide
a way to register different ports for the same service on different
local addresses.
Provided you never have more than one entry for a given RPC service,
everything should work correctly (Note that default host address
specifiers do apply to RPC lines with no explicit specifier.)
.Pp
.Em tcpmux
on IPv6 is not tested enough.
.Pp
For automatic IP version detection in key-values syntax (see the
.Em protocol
key), addresses with an interface specifier in the form <address>%<iface>
are not currently supported, as addresses of that form are not parsed by
.Xr inet_pton 3 .
.Pp
If a positional service definition has an invalid parameter and extends
across multiple lines using tab characters, the subsequent lines after the
error are treated as new service definitions.
.Sh SECURITY CONSIDERATIONS
Enabling the
.Dq echo ,
.Dq discard ,
and
.Dq chargen
built-in trivial services is not recommended because remote
users may abuse these to cause a denial of network service to
or from the local host.