Re: Dick Plinston John Sanders Richard Plinston Levent Zillyboy Chris Wareham
> ".....Webmin will listen on port 10000 for http requests...." Webmin? LOL! Go have a look, buried in the menus of Webmin you will find - tada! - SWAT!
You will find a _link_ to swat, if it is installed. That link will contain the swat port number. so when that link is clicked in the browser the connection goes directly to swat (via xinetd and given the config allows it). It does _NOT_ go via port 80, 'httpd' or webmin.
> you still need a webserver of some form to handle the http requests,
SWAT _is_ a webserver (on port 901)
Webmin _is_ a webserver (on port 10000)
CUPS _is_ a webserver (on port 631)
You _do_not_need_ a webserver on port 80, nor 'httpd', to access those webservers. There is no need to run a general purpose webserver, such as Apache, in order to run those specialised webservers.
> and for Linux it is Apache that is the most popular choice, therefore it is Apache which will unquestioningly send requests on to port 901
_NO_IT_DOES_NOT_. Xinetd sends the requests to swat on port 901.
> and the potential security hole of SWAT if you haven't got your security sorted.
Only if is _deliberately_ installed AND _deliberately_ configured to be a) active, b) open to other machines, c) set so non-root users logins can write (if that is actually possible).
> That is handled at the setup stage by http, on port 80 (or whatever port your deluded AC buddy wants to set for http) and THEN handed over to port 901 for the transfer of data.
_NO_IT_IS_NOT_. An http request on port 901 _DOES_NOT_ go to port 80. Xinetd sends it to the webserver configured on port 901, swat is that webserver.
What you are confused by is that any webserver, or indeed any server, on any port will respond to a *connection request* by assigning an _unused_ port number to continue the conversation on until the request is completed.
So, for example, Apache will get a *connection request* on port 80 and then may assign, say, port 56382 to that conversation which will then be used while all the parts of the web pages are sent.
Swat will get *connection requests* on port 901 (without Apache, httpd, or port 80 involved at all) and will also assign an unused port to the conversation, maybe 41307.