TCPMUX(8)                                                            TCPMUX(8)

       tcpmux - implement RFC 1078, for inetd's without built-in support

       tcpmux [env=values]
       tcpmux -h
       tcpmux -V

       The Internet RFC 1078 specification is one of the shortest and clearest
       of the lot.  It allows a local site to implement TCP stream based  ser-
       vices with no "well known port" assigned, and almost no coding, by map-
       ping a local site policy service name to a shell command.

       This implementation provides compatibility with the modern BSD  inetd's
       built-in  version.   To  enable  the  generic service install a line in
              tcpmux stream tcp nowait root /usr/local/libexec/tcpmux tcpmux
       and possibly one in /etc/services (if it is not present):
              tcpmux    1/tcp     # Fabulous TCP Port Service Multiplexer

       Define the services to be presented in /etc/tcpmux.conf exactly as they
       would  be  in inetd's configuration file.  This service does not output
       the RFC1078 reply code, unless the service name is prefix with  a  plus
       (+).   As an extension to the inetd version a prefix of minus (-) makes
       the service name always fail (internally).

       Two additional configuration extensions are allowed, the first of which
       adds to the protocol.  A newhost:newport prefixed with an commercial at
       (@) specifies that the services has moved.  An empty  newhost  defaults
       to  the  current, an empty newport is taken as the same port.  Also the
       service may chain to an unprivileged account  by  shifting  to  another
       configuration file with a less-than (<).

       In  all cases the meta symbol (+, -, <, or @) is the first character of
       the configuration line.  See the EXAMPLES below.

       Command line assignments are added to the environment.  This allows the
       specification of an alternate configuration file on the command-line.

              Print only a brief help message.

              Show  only  the standerd version banner, the compile-time tunes,
              and the location of the configuration files.  If the config file
              is  not accessible by the invoker the error from stat(2) is also

              This specifies the name of the configuration file,  to  override
              the default file (which is usually in /etc).  This allows mortal
              logins to run the clever mux on an open high port.

       RCF1078_CONF=/home/earth/ksb/lib/rfc1078.conf -p2022 tcpmux
              Use the perl listener (from the msrcmux source) to run a  tcpmux
              on port 2022. -p2022 tcpmux RCF1078_CONF=/home/earth/ksb/lib/rfc1078.conf
              Same as above, but allow tcpmux to set the environment variable.

       pagesize stream tcp nowait nobody /usr/bin/pageszie pagesize
              Output the system pagesize, but do not include the RFC 1078 pos-
              itive acknowledgment code.  This is not recommended behavior for
              any service.  The muxcat(1l) client's option -F  allows  clients
              to connect to such a service.

       +date stream tcp nowait nobody /bin/date date
              Output the system clock as a network service, the hard way.

       -uptime stream tcp nowait nobody /usr/bin/uptime uptime
              Provide  an  explicit failure message ("Sorry") for the "uptime"

       uptime stream tcp nowait nobody /bin/echo echo -uptime
              Produce a failure message via echo(1).

       <service stream tcp nowait login new.conf tcpmux
              The process drops uid to the named login,  then  continues  pro-
              cessing  with the new configuration file new.conf.  That file is
              relative to the new login's home directory, and must be readable
              by  the  login.   An acknowledgment of "+service" is sent to the

              This is an extension to  the  configuration  file  and  is  only
              available in this implementation of the amazing mux.

       @service newhost:newport
              The  service  returns  the  "@newhost:newport"  rather  than  an
              acknowledgment code of either plus (+) or minus (-).  The client
              should  re-attempt the connection to the given host on the given
              port, with the same services.  Either value may  be  the  empty,
              which  should be treated as "no change".  Any circular referrals
              must be trapped by the client.

              This is an extension to the protocol and is  only  available  in
              this implementation of the glorious mux.

       It  is trivial to grant access to an unsafe command (viz. a shell) with
       this service.

       As implied, this only works for TCP streams,  and  the  nowait  in  the
       inetd.conf line for the tcpmux makes wait useless for the beautiful mux
       itself, so we don't even look.

       The output message for explicitly failed services is "Sorry", which  is
       over-used by UNIX bigots.

       The RFC mandated "help" command always shows every service; it would be
       nice to hide services from casual snoopers.  Use the recursive configu-
       rations to implement that.

       Kevin Braunsdorf, NPC Guild
       mux no_spam-at_thanks

       At the URI

       sh(1),   perl(1),  inetd(8),  inetd.conf(5),  muxsend(1l),  muxcat(1l),
       recvmux(7l), msrcmux(7l), roapmux(7l), explmux(7l)

                                     LOCAL                           TCPMUX(8)