79274 – Xinetd v 2.3.7-4.7x redirects fail to start

Bug 79274 - Xinetd v 2.3.7-4.7x redirects fail to start

Summary: Xinetd v 2.3.7-4.7x redirects fail to start

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	xinetd
Sub Component:
Version:	7.3
Hardware:	i686
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Jay Fenlason
QA Contact:	Brock Organ
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2002-12-09 13:55 UTC by Andrew Meredith
Modified:	2014-08-31 23:24 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2003-05-13 17:14:06 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2003:160	0	normal	SHIPPED_LIVE	: Updated xinetd packages fix a denial-of-service attack and other bugs	2003-05-13 04:00:00 UTC
Red Hat Product Errata	RHSA-2003:161	0	normal	SHIPPED_LIVE	Important: xinetd security update	2003-05-22 04:00:00 UTC

Description Andrew Meredith 2002-12-09 13:55:27 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003

Description of problem:
With xinetd 2.3.7-4.7x the /etc/xinetd.d/ entries that represent local services
start just fine, but the entries that represent redirects do not seem to be
recognised. The output from xinetd -d shos that the files are found and read
with no extra debug output showing an error.

Downgrading to 2.3.3-1 with the same xinfig files in xinetd.d brings the
redirects back into service.

Version-Release number of selected component (if applicable):
2.3.7-4.7x

How reproducible:
Always

Additional info:

An xinetd.d file that works under the old version of xinetd, but not the new one.

[root@zool root]# cd /etc/xinetd.d/
[root@zool xinetd.d]# cat http
# default: off
# description:  A port forward for http
service http
{
	disable	= no
	socket_type		= stream
	protocol		= tcp
	wait			= no
	user			= root
	redirect		= 192.168.15.1 80
}

Comment 1 Mike Baptiste 2003-01-08 20:31:58 UTC

This is a known bug in v2.3.7 and I just got nailed by it this morning when we
updated xinetd.  Redhat really needs to fix this - all port redirects seem
broken with version 2.3.7

See 
http://marc.theaimsgroup.com/?l=xinetd&m=102996722420681&w=2
and
http://marc.theaimsgroup.com/?l=xinetd&m=102997330427341&w=2

where other users report this issue

We have backed down to v2.3.4 and everything with our redirects is working again

Comment 2 Andrew Meredith 2003-01-09 01:19:50 UTC

A fix was formally released in 2.3.8 

* Reworked redirect to better detect problems
  in its configuration. Also, redirect now allows
  service names for port numbers. -Steve Grubb

cheers Steve

... and there is now a 2.3.9 (Released 24 Sep 2002)

This one will quite probably hurt Red Hat's corporate customers who are trying
to use RH7.2/7.3/8.0 as a proxy-firewall platform. It really isn't making Red
Hat's QA function look that good.

Comment 3 Mark J. Cox 2003-05-13 17:14:07 UTC

An errata has been issued which should help the problem described in this bug report. 
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below. You may reopen 
this bug report if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2003-160.html

Note You need to log in before you can comment on or make changes to this bug.