Bug 79274 - Xinetd v 2.3.7-4.7x redirects fail to start
Summary: Xinetd v 2.3.7-4.7x redirects fail to start
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: xinetd
Version: 7.3
Hardware: i686
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Jay Fenlason
QA Contact: Brock Organ
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2002-12-09 13:55 UTC by Andrew Meredith
Modified: 2014-08-31 23:24 UTC (History)
6 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2003-05-13 17:14:06 UTC
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2003:160 0 normal SHIPPED_LIVE : Updated xinetd packages fix a denial-of-service attack and other bugs 2003-05-13 04:00:00 UTC
Red Hat Product Errata RHSA-2003:161 0 normal SHIPPED_LIVE Important: xinetd security update 2003-05-22 04:00:00 UTC

Description Andrew Meredith 2002-12-09 13:55:27 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003

Description of problem:
With xinetd 2.3.7-4.7x the /etc/xinetd.d/ entries that represent local services
start just fine, but the entries that represent redirects do not seem to be
recognised. The output from xinetd -d shos that the files are found and read
with no extra debug output showing an error.

Downgrading to 2.3.3-1 with the same xinfig files in xinetd.d brings the
redirects back into service.

Version-Release number of selected component (if applicable):
2.3.7-4.7x

How reproducible:
Always

Additional info:

An xinetd.d file that works under the old version of xinetd, but not the new one.

[root@zool root]# cd /etc/xinetd.d/
[root@zool xinetd.d]# cat http
# default: off
# description:  A port forward for http
service http
{
	disable	= no
	socket_type		= stream
	protocol		= tcp
	wait			= no
	user			= root
	redirect		= 192.168.15.1 80
}

Comment 1 Mike Baptiste 2003-01-08 20:31:58 UTC
This is a known bug in v2.3.7 and I just got nailed by it this morning when we
updated xinetd.  Redhat really needs to fix this - all port redirects seem
broken with version 2.3.7

See 
http://marc.theaimsgroup.com/?l=xinetd&m=102996722420681&w=2
and
http://marc.theaimsgroup.com/?l=xinetd&m=102997330427341&w=2

where other users report this issue

We have backed down to v2.3.4 and everything with our redirects is working again

Comment 2 Andrew Meredith 2003-01-09 01:19:50 UTC
A fix was formally released in 2.3.8 

* Reworked redirect to better detect problems
  in its configuration. Also, redirect now allows
  service names for port numbers. -Steve Grubb

cheers Steve

... and there is now a 2.3.9 (Released 24 Sep 2002)

This one will quite probably hurt Red Hat's corporate customers who are trying
to use RH7.2/7.3/8.0 as a proxy-firewall platform. It really isn't making Red
Hat's QA function look that good.

Comment 3 Mark J. Cox 2003-05-13 17:14:07 UTC
An errata has been issued which should help the problem described in this bug report. 
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below. You may reopen 
this bug report if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2003-160.html



Note You need to log in before you can comment on or make changes to this bug.