> For a few years I have been running nc from inetd together with pf > redirect rules to reach LAN servers via their public IP adresses from > LAN: > > # cat /etc/inetd.conf > 127.0.0.1:20080 stream tcp nowait proxy /usr/bin/nc nc -w 20 PR.IV.AT.E 80 > 127.0.0.1:20443 stream tcp nowait proxy /usr/bin/nc nc -w 20 PR.IV.AT.E 443 > > Now that proxy user is gone in 6.1, what would be appropriate account to > run nc under? Is nobody OK? Something else? > > Or is there a better way to accomplish this?
A user of your own you create. Never reuse a user intended for another purpose. Take a glance at the ptrace manual page.
