APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

telnet environment variables



From: rja.carnegie@excite.com (Robert Carnegie)
Subject: Re: how to set env var by telnet port no
Date: 1 Aug 2001 03:49:02 -0700
References: 
<OIC97.267$yY2.3439@news.itd.umich.edu>
<MvE97.4358$35.394462@iguano.antw.online.be>
<3b6739b3$0$322$8eec23a@newsreader.tycho.net> spcecdt@deeptht.armory.com (John DuBois) wrote in message news: <3b6739b3$0$322$8eec23a@newsreader.tycho.net>... > In article <MvE97.4358$35.394462@iguano.antw.online.be>, > Karel Adams <k_adams@glo.be> wrote: > > > >"Richard Karl Getchell" <rgetchel@gorf.gpcc.itd.umich.edu> schreef in > >bericht news:OIC97.267$yY2.3439@news.itd.umich.edu... > >> My problem: I don't know how to get the port number from within > >> the shell (/bin/sh). Any suggestions? > > > >Could you not have inetd invoke two different scripts? > >Each of these would first set $ABC as appropriate, afterwards they would be > >identical. > >Don't understand why /etc/profile must set $ABC. > > Not much in the telnetd environment makes it through to a login session. > Offhand, I can only think of TZ. I suppose in your telnetd script you could > subvert TZ with something like > > TZ=7023 > > and then in /etc/profile: > > PORT=$TZ > . /etc/TIMEZONE # to reset TZ > > (and do something equivalent in the initialization files for other shells in > use, if any) > > John Robert Carnegie chooses to introduce himself as the fool who rushes in where angels fear to thread. And I'm not sure how telnetd can set a "correct" non-default value of TZ anyway...? (Hypothetical question.)

Not sure if this is at all helpful, but one other datum that (perhaps)
gets through from telnetd is that the process _is_ telnetd.
The second telnetd that you run could be renamed or linked to /etc/td7023,
I presume.  Whether this helps depends on whether the user's shell process
can execute "ps -f" to see details of the root process that started the
shell - on OpenServer, that's "login", right? - and then the process that
started _that_ one, usually "telnetd".  However, you may have security set
so that users _can't_ "see" these processes which don't belong to them.
That's why I said "perhaps".

Alternatively: "who -x -m" gives me this session user's host address or
name, but not the local port.  "netstat -f inet" gives me host and port
information for all sessions.  _If_ you know that the _only_ telnet
connections from hosts on 7023-type connections are going to be the
7023-type connections (I guess that there's a firewall involved), _then_
I suppose this will do, more or less -

hostaddress=`who -x -m | (read yada yada yada date time host;echo $host)`
if netstat -f inet | grep ".7023 " | grep " $hostaddress." |
    grep -v " $hostaddress.7023 " >/dev/null
then
    # this is a host using local port 7023
fi

Using ksh I can do "who -x -m | read yada yada yada yada yada hostaddress",
but in /bin/sh variables don't survive beyond the pipeline...?

And I'm presuming that Joe user is allowed to run "netstat" at least...

If you have to cope with (near-) concurrent connections to port 23 and
to port 7023 from the same host, this algorithm won't work, because all
it tells you is that there is _a_ connection to port 7023 from the
host in question, and not that _this_ connection is to port 7023.
It only works if on your network, those two statements are equivalent.



On the other hand, if a firewall's involved then the host address itself
should tell you - if you know how to read it - whether the host is
beyond the firewall or not, assuming that that's essentially all that you
want to know.  I previously suggested executing "who -x -m" with the
environment variable HOSTRESORDER set to disable name lookup beyond
/etc/hosts (which apparently can't be disabled), which would give
you a raw IP address which you could compare to local routing tables.
_If_ the firewall is on the local network and not one or more sub-nets
away, then it should be feasible (...) to tell whether the route to your
host (the telnet client) points to the firewall, or elsewhere.

Then there's the network-address-translation type of firewall (we've
got one) where all the clients that come in through it appear to be
originating at the firewall itself anyway.  So the last term in
"who -x -m" will be the firewall's address.  And if that's all that
you wanted to know......



Got something to add? Send me email.





(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

-> -> telnet environment variables ––>Re: how to set env var bytelnet port no



Increase ad revenue 50-250% with Ezoic

Kerio Samepage


Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us