fingerd stores its configuration in the environment. For commodity,
.env configuration is proposed, install the
and copy the
.env.template file into
.env and edit it following
This variable is mandatory and contains the endpoints to bind on, separated with commas (
,). Each endpoint can have the following format:
Bind on all addresses that
example.comresolve as (IPv4 and IPv6), port 79.
Bind on all addresses that
example.comresolve as (IPv4 and IPv6), port 1234.
18.104.22.168(IPv4), port 79.
22.214.171.124(IPv4), port 1234.
::1:2:3:4(IPv6) port 79.
::1:2:3:4(IPv6) port 1234.
Here are some examples:
# On modern platforms, binds on 127.0.0.1:79 (IPv4) # and [::1]:79 (IPv6). BIND=localhost # Binds on 126.96.36.199:3331 and [2001:41d0:302:2200::3b2]:79. BIND="188.8.131.52:3331,[2001:41d0:302:2200::3b2]:79" BIND="184.108.40.206:3331,2001:41d0:302:2200::3b2"
The host as which fingerd identifies itself (domain name),
The interface type, or where the displayed data comes from. There are several interface types:
There is no data (no users, no sessions).
The data is gathered from the system.
The data is gathered from a scenario (see Scenario (scripted actions) below).
The data is gathered from actions given in an IPC endpoint (see Live actions).
By default, the interface type is
If the interface type is
SCENARIO, then the following variable is
The scenario path (see Actions for the format).
The finger live action source (see Live actions).
The finger server should be available through the TCP port 79, which can only
be opened by
root on UNIX-like machines. Instead of using this port
directly, which forces the use of the
root user to manage the service,
you can redirect the incoming transmissions from an interface on TCP port 79
to another TCP port which you can open as a user (port number over 1024)
by appending a rule in
iptables -t nat -A OUTPUT -p tcp [-s <source ip>] [-d <destination ip>] \ --dport 79 -j DNAT --to '<ip:port>'
<source ip> is the source IP address or network that are redirected,
<destination ip> is the destination IP address or network for which the
requests are redirected and
<ip:port> is the IP and port
you want to forward the packets to, e.g.
For example, for running the server locally on port 3999 and only accepting requests from the same machine (on IPv4 and IPv6):
iptables -t nat -A OUTPUT -p tcp -s 127.0.0.1 -d 127.0.0.1 \ --dport 79 -j DNAT --to 127.0.0.1:3999 ip6tables -t nat -A OUTPUT -p tcp -s ::1 -d ::1 \ --dport 79 -j DNAT --to '[::1]:3999'
While interfaces provide still information to the server, some use actions underneath. In this section, the actions themselves are described.
Scenario (scripted actions)¶
Scenarios, represented by the
SCENARIO server type, are scripted
sequences of actions.
Scenarios use a TOML document describing actions, which are points in time
where something happens. Every action has a time offset, using a TOML
array section (
[[something]]), and properties describing what’s
happening. Time offsets are represented the following way:
Where negative times, starting with a dash (
-), are the initial situation,
what is supposed to have happened before the beginning.
-1w5d2h means “1 week, 5 days and 2 hours before the
2j means “2 days after the origin”. So if we want to make
an action that takes place 5 seconds after the origin, the first line of the
action will be the following one:
All actions have a type represented by the
type property, and other
properties depending on the type. Types and related properties are
described in the Actions section.