/usr/sbin/hfaxd [ -d ] [ -D secs ] [ -q dir ] [ -c config ] [ -o port ] [ -O ] [ -f bindaddressfamily ] [ -l bindaddress ] [ -p pasv_min_port:pasv_max_port ] [ -i port ] [ -I ] [ -s port ] [ -S ]
hfaxd is the HylaFAX program that implements the server portion of:
- the client-server protocol and
- the Simple Network Paging Protocol (SNPP) used to submit message pager jobs to the IXO/TAP and UCP support.
Additional client-server protocols are planned and hfaxd is intended to be the “carrier” through which they are supported.
hfaxd is typically used in one of two ways; either as a stand-alone process that is started at system boot time to listen for client connections on one or more ports (in which case the -i, -o, or -s option must be used), or as a subservient process to the inetd(8C) program. The two forms of use may however be combined so long as the same service is not provided both by the stand-alone hfaxd and through inetd.
HylaFAX Client-Server Protocol Support
If hfaxd is started with the -i option it will service clients using the HylaFAX client-server protocol. This protocol is strongly related to the Internet File Transfer Protocol (FTP); so much so in fact that FTP client programs that include support for “quoted commands” may be used to communicate with hfaxd using the new protocol. (It should also be possible to use FTP-aware World Wide Web browsers such as Mosaic and Netscape Navigator to access HylaFAX servers through the new protocol; but the current format for information returned in directory listings confuses them.)
The hfaxd server currently recognizes the following protocol requests; case is not distinguished. Entries marked with a ¹ can be used only when the client has established administrative privileges with ADMIN.
The following non-standard or experimental commands are supported through the SITE request.
In addition FTP requests that are specified in Internet RFC 959 but not listed here are recognized, but not implemented.
The hfaxd server will abort an active data transfer only when the ABOR command is preceded by a Telnet "Interrupt Process" (IP) signal and a Telnet "Synch" signal in the command Telnet stream, as described in Internet RFC 959. If a STAT command is received during a data transfer, preceded by a Telnet IP and Synch, transfer status will be returned.
Simple Network Paging Protocol (SNPP) Support
If hfaxd is started with the -s option it will service clients using the Simple Network Paging Protocol (SNPP) as specified in RFC 1861 (which obsoletes RFC 1645).
The hfaxd server currently recognizes the SNPP protocol requests listed below. Requests marked with a ¹ are non-standard extensions to RFC 1861 that may be added to SNPP at some future time. Case is not distinguished and only the first four characters of requests are used in identifying commands.
The hfaxd server will abort an active SEND operation when an ABOR command is preceded by a Telnet "Interrupt Process" (IP) signal and a Telnet "Synch" signal in the command Telnet stream.
The following non-standard or experimental commands are also supported through the SITE request.
Note that hfaxd requires that SNPP clients login first with the LOGI directive while RFC 1861 permits clients to submit pages anonymously.
Client Access Control
hfaxd controls client access according to the information in the file /var/spool/hylafax/etc/hosts.hfaxd. This file defines the set of users and machines that may receive service and, optionally, defines password challenges to use in authenticating clients. Clients may be permitted access to services with or without a password challenge. Access may also be restricted based on the host machine that a request for service originates from. Consult hosts.hfaxd(5F) for information on the format and content of this file. The SITE ADDUSER protocol request is provided for adding new users to a server (available only to clients with administrative privileges).
Server resources are controlled based on clients' identities. Jobs and documents, both received and submitted, are protected by the server. Typically clients are permitted access to anything they own or that is publicly accessible. There are also administrative privileges that clients may acquire and which permit them wide access to objects that reside on the server.
A complete client-server protocol specification is still outstanding.
hfaxd operates with its root directory set to the top of the HylaFAX spooling area, /var/spool/hylafax. This is done so that clients see a virtual file hierarchy that is completely contained within the HylaFAX operating environment on the server machine. Administrators, however, must be aware of this when specifying files in the hfaxd configuration file: absolute pathnames relative to the root of the spooling area should be used to specify filenames.
Server Access Control
The file /var/spool/hylafax/etc/shutdown, when present, specifies when to restrict access to a server machine. When this file is present and contains valid information hfaxd will permit only users with administrative privileges to access the server. Any other users that request service will be denied access and negative server responses will include any shutdown message specified in the shutdown file. Consult hylafax-shutdown(5F) for information on the format and content of this file.
The SHUT protocol request can be used to schedule a server shutdown; it is available only to clients with administrative privileges. To make a shutdown server available again the shutdown file can be deleted with the DELE protocol request (this is to be replaced with an “unshut” protocol request so that implementation details are not part of the protocol).
hfaxd reads configuration information from the file /etc/hylafax/hfaxd.conf each time a new server process is started (i.e. for each new client). This file uses the same conventions used by other HylaFAX configuration files; as described in hylafax-config(5F). The following configuration parameters are recognized; items marked “(SNPP)” are used only by the SNPP support.
The configuration parameters are explained below:
The e-mail address to display as a point of contact in the help text returned to a client in response to the HELP or SITE HELP commands. By default this is “FaxMaster@hostname”, where hostname is the fully qualified name for the machine where the server is running.
The format string to use when returning file status information with the LIST and STAT commands. Formats are specified using printf(3S) style conventions but using the field identifiers listed below. Each item can include field width, precision, left-justification, 0-filling, etc. just as for printf; e.g. %-8p for an 8-character wide, left-justified, blank-padded field containing the file protection flags.
Last access time
Device number (octal)
Group identifier (decimal)
Inode number (decimal)
Link count (decimal)
Last modification time
Owner (based on file GID)
Fax-style protection flags (no group bits)
UNIX-style protection flags
Root device number (octal)
File size in bytes (decimal)
User identifier (decimal)
The default format string is “%-7p %3l %8o %8s %-12.12m %.48f”. It is recommended that all items include a field width so that client applications that construct headers from the format string can constrain the width of column title strings.
The initial/default timeout to use in timing out idle clients. This value defines the maximum amount of time (in seconds) that hfaxd will wait for a command from a client before terminating the connection. Unprivileged clients may alter the idle timeout up to the value of MaxIdleTimeout; privileged clients may set the timeout to any value.
The format string to use when returning job status information for jobs in the sendq and doneq directories. Formats are specified using printf(3S) style conventions but using the field identifiers listed below. Each item can include field width, precision, left-justification, 0-filling, etc. just as for printf; e.g. %-3j for a 3-character wide, left-justified, blank-padded field containing the job state.
Destination company name
Total # dials/maximum # dials
Desired signalling rate
Client-specific tagline format string
Desired min-scanline time
Desired data format
Client-specified scheduling priority
Client-specified job tag string
Desired use of ECM
Destination geographic location
Notification e-mail address
Desired use of private tagline (one-character symbol)
Whether to use continuation cover page (one-character symbol)
# pages transmitted/total # pages to transmit
Client-specified minimum acceptable signalling rate
Destination person (receiver)
Total # tries/maximum # tries
Page chopping threshold (inches)
Job done operation
Job type (one-character symbol)
Scheduled date and time
Scheduled time in seconds since the UNIX epoch
Job state (one-character symbol)
# consecutive failed tries
Client machine name
Total # dials
Public (external) format of dialstring
# consecutive failed dials
Page chop handling (one-character symbol)
Current scheduling priority
Job kill time
Page length in mm
E-mail notification handling (one-character symbol)
# pages transmitted
Job retry time (MM::SS)
Document resolution in lines/inch
Job status information from last failure
Total # tries attempted
Maximum # tries
Page width in mm
Maximum # dials
Total # pages to transmit
Time to send job
The default format string is “%-4j %3i %1a %6.6o %-12.12e %5P %5D %7z %.25s”. This string constrains each status line to be less than 80 characters. It is recommended that all items include a field width so that client applications, such as faxstat(1), that construct headers from the format string can constrain the width of column title strings.
A formatted string of the format “<id>[:<host>[:<username>:<password>:<adminwd>]]” that identifies a job host. Multiple instances of JobHostID are used in the configuration file to identify multiple job hosts. “<id>” is a numeric identification for the host which is prepended onto job ids created by that host. This is used by a client to distinguish between jobs created on different hosts when it may not initially know to which server it connected. “<id>” must be the same number of digits for all configured job hosts. For compatibility with all clients “<id>” must be numeric only. If the instance of JobHostID only includes “<id>” then it is understood to refer to the local host and not a remote host. It is this configuration entry that causes the prepending of the “<id>” number onto the job ids. The other values for the formatted string refer to connection details for user-level and admin-level login at the identified remote host. If only “<host>” is provided then the current user's login credentials are used for the chained connection. This configuration will cause hfaxd to connect as a client to the specified remote host for the requested action when the job id provided by its client refers to that remote host (the provided job id matches the “<id>” value in the host's JobHostID configuration). To do this the hfaxd client connection to the remote host requires administrative privileges or synchronized user accounts on both hosts. Be aware that providing “<username>”, “<password>”, and especially “<adminwd>” in the configuration may compromise job security on the remote host, since users from this host will be connecting to the remote host as a different user (and possibly with administrative privileges). As a null value for “<adminwd>” is permissible, administrative privileges may be omitted by using “*” for “<adminwd>”.
Because of the chroot under which the client instance of hfaxd operates it may be necessary to copy or link at least some system files to the HylaFAX spool directory structure so that the chained client connection can be made to the remote job host. This operation may need to be revisited after upgrades or changes to those system files. To identify which files may need to be included one may examine strace output for faxstat and look for which files it opens in the operation.
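The JobHostID rules above can be checked mechanically. The following is an added example, not code from HylaFAX: it parses JobHostID lines and flags non-numeric or unequal-width ids, malformed entries, embedded credentials, and entries whose “<adminwd>” is anything other than “*”. It assumes the “Tag: value” syntax with whole-line “#” comments; the sample configuration, host names and credentials are constructed.

```python
import re

# Constructed sample hfaxd.conf fragment (hosts and credentials are made up).
SAMPLE_CONF = """\
# job hosts
JobHostID: 01
JobHostID: 02:fax2.example.com
JobHostID: 3:fax3.example.com:relay:s3cret:adm1n
JobHostID: 04:fax4.example.com:relay:s3cret:*
JobHostID: 05:fax5.example.com:relay
"""

FIELDS = ("id", "host", "username", "password", "adminwd")


def parse_job_hosts(conf_text):
    """Parse <id>[:<host>[:<username>:<password>:<adminwd>]] entries."""
    hosts = []
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if line.startswith("#"):          # assumption: whole-line comments only
            continue
        m = re.match(r"jobhostid\s*:\s*(.*)$", line, re.IGNORECASE)
        if not m:
            continue
        parts = m.group(1).strip().strip('"').split(":", 4)
        entry = dict(zip(FIELDS, parts + [None] * (5 - len(parts))))
        entry.update(line=lineno, nfields=len(parts))
        hosts.append(entry)
    return hosts


def audit_job_hosts(hosts):
    """Return (line, code) findings for the rules stated in the JobHostID text."""
    findings = []
    width = len(hosts[0]["id"]) if hosts else 0
    for h in hosts:
        if not re.fullmatch(r"[0-9]+", h["id"]):
            findings.append((h["line"], "ID_NOT_NUMERIC"))
        elif len(h["id"]) != width:       # all ids must have the same digit count
            findings.append((h["line"], "ID_WIDTH_MISMATCH"))
        if h["nfields"] not in (1, 2, 5):
            findings.append((h["line"], "BAD_FIELD_COUNT"))
        elif h["nfields"] == 5:
            # Local users reach the remote host as <username>.
            findings.append((h["line"], "EMBEDDED_CREDENTIALS"))
            if h["adminwd"] != "*":       # empty counts: a null adminwd is valid
                findings.append((h["line"], "ADMIN_PRIVILEGES"))
    return findings


if __name__ == "__main__":
    for line, code in audit_job_hosts(parse_job_hosts(SAMPLE_CONF)):
        print(f"line {line}: {code}")
```
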
The default setting of “0644” allows all users to view all job parameters in the send and done queues. The mode determines the permissions of the clients to see the jobs, following the HylaFAX permission model of the group bits controlling uid permissions and the other bits controlling other permissions. A setting of “0640” allows only the job owner and the administrator to view jobs. If a user doesn't have permissions on the job, the job will not be visible to them when viewing the queues.
The mapping from SNPP service level (0-11) to job expiration time (kill time). A mapping is specified as a string of space-separated numbers where each value is the number of minutes to permit a job to run. The default mapping is “5 5 5 15 60 240 720 1440 1440 1440 1440 1440” which expires a job in 5 minutes for service levels 0-2, 15 minutes for level three, 60 minutes for level four, etc.
The full address of the LDAP server including port number, e.g. ldaps://22.214.171.124:636 (for secure connections) or ldap://126.96.36.199:389 (for insecure connections)
The full LDAP context where user objects can be found, e.g. ou=users,dc=example,dc=com for Active Directory/LDAP or ou=users,o=organization for Novell eDirectory
The format for the LDAP bind query (ldap_sasl_bind_s) where “%s” is replaced with the username. If LDAPBindQuery is not configured, then the bind query will use the format “cn=%s,<BaseDN>” where “%s” is the username, and “<BaseDN>” is the configured LDAPBaseDN string.
The label for the group membership data. On older OpenLDAP servers this should probably be “groupMembership”. On ActiveDirectory this should probably be “memberOf”.
The full LDAP context of the group users have to be a member of to gain HylaFAX access for sending faxes. If this is not set then no group membership is required.
The format for the UserDN in the LDAP search (ldap_search_ext_s) where “%s” is replaced with the username. By default this is the same as LDAPBindQuery.
The format for the LDAP search query (ldap_search_ext_s) where “%s” is replaced with the username. By default this is “uid=%s”. On ActiveDirectory this should probably be set to “cn=%s”.
Version number of the LDAP Protocol to use (default is '3')
The symbolic name for the syslog(3) facility to use when logging error messages and informational/debugging messages requested through the ServerTracing parameter. The list of facility names is found in the system include file <syslog.h>; comparisons are case-insensitive.
The maximum number of unsuccessful attempts to gain administrative privileges with the ADMIN command that hfaxd will permit a client before terminating the connection. Note that the count of attempts is reset if/when the client successfully gains administrative privileges.
The maximum number of consecutive unrecognized, unimplemented, syntactically incorrect, or otherwise unacceptable commands to permit a client before terminating the connection. This control has two purposes: to prevent naive or malicious clients from sending long streams of nonsense commands to a server, and to ensure that clients are forcibly terminated when a server is marked shutdown.
The maximum value that a client may set the idle timeout to. This value is not enforced if the client has administrative privileges.
The maximum number of unsuccessful attempts to login with the USER and PASS commands that hfaxd will permit a client before terminating the connection.
The maximum number of characters to accept in a pager message specified with the DATA or MESS commands. Messages longer than this value are rejected.
The format string to use when returning modem status information for modems listed in the status directory. Formats are specified using printf(3S) style conventions but using the field identifiers listed below. Each item can include field width, precision, left-justification, 0-filling, etc. just as for printf; e.g. %-8h for an 8-character wide, left-justified, blank-padded field containing the name of the host the server is running on.
Local identifier string
Canonical modem name
FAX phone number
Maximum pages that can be received in a single call
Status information string
Server and session tracing levels (xxxxx:yyyyy)
Modem speaker volume as one-character symbol
A “*” if a faxgetty(8C) process is running; otherwise “ ” (space)
The default format string is “Modem %m (%n): %s”.
The absolute pathname of the file that contains directions for mapping pager identifiers to IXO/TAP or UCP service providers (and optionally a pager identification number). Consult pagermap(5F) for information on the format and content of this file. (Note that absolute pathnames are relative to the root of the spooling area).
The mapping from SNPP service level (0-11) to job scheduling priority. A mapping is specified as a string of space-separated numbers where each value is the priority to assign to a job. The default mapping is “63 127 127 127 127 127 127 127 127 127 127 127” which assigns a high priority to service level zero and normal (default) priority to all other service levels.
The format string to use when returning status information for received facsimile in the recvq directory. Formats are specified using printf(3S) style conventions but using the field identifiers listed below. Each item can include field width, precision, left-justification, 0-filling, etc. just as for printf; e.g. %-3b for a 3-character wide, left-justified, blank-padded field containing the signalling rate.
Reception indicator (1=yes, 0=no)
Received date and time
Received time in seconds since the UNIX epoch
SubAddress received from sender (if any)
Signalling rate used during receive
Data format used during receive
Error description if an error occurred during receive
Document filename (relative to the recvq directory)
Time spent receiving document (HH:MM:SS)
Page length in mm
Fax-style protection mode string (“-rwxrwx”)
File size (number of bytes)
Number of pages in document
UNIX-style protection flags
Resolution of received data
Sender identity (TSI)
Compact representation of the time when the receive happened
Page width in mm
A “*” if receive is going on; otherwise “ ” (space)
The default format string is “%-7m %4p%1z %-8.8o %14.14s %7t %f”. This string constrains each status line to be less than 80 characters. It is recommended that all items include a field width so that client applications, such as faxstat(1), that construct headers from the format string can constrain the width of column title strings.
The permissions setting for administrator, owners, and users for viewing files in the HylaFAX receive queue. The default setting of “0444” allows all users to view all files in the queues. A setting of “0440” allows only the job owner and the administrator to view files. A setting of “0040” allows only the administrator to view the files. If a user doesn't have permissions on the file, the file will not be visible to them when viewing the queue.
The mapping from SNPP service level (0-11) to job retry time. A mapping is specified as a string of space-separated numbers where each value is the number of seconds to delay between delivery attempts. A value of zero causes retries to be scheduled using the default algorithm used by the HylaFAX job scheduler. The default mapping is “30 60 60 180 0 0 0 0 0 0 0 0” which retries a level 0 job after a 30 second delay, levels 1 and 2 after 60 seconds, level 3 after 3 minutes, and other jobs are retried according to the usual scheduling algorithm.
A number that controls the generation of tracing information by a server. Tracing is divided into areas that are individually controlled. To enable tracing of multiple areas of operation, the flag associated with each area should be bit-or'd to form the value for this tag.
General server operation
Client-server protocol requests and responses
File transfers from client to server
File transfers from server to client
All network connections
FIFO messages to and from faxq(8C)
TIFF Library errors and warnings
Configuration file processing
Tracing messages are directed to syslog(3) using the facility specified with the LogFacility configuration parameter. Note that syslogd(8C) must be configured to capture facility.info, facility.debug, facility.warning, and facility.err messages.
The absolute pathname of the server shutdown file; see hylafax-shutdown(5F) for information on the format and content of this file. (Note that absolute pathnames are relative to the root of the spooling area).
The absolute pathname of the user access control file; see hosts.hfaxd(5F) for information on the format and content of this file. (Note that absolute pathnames are relative to the root of the spooling area).
The absolute pathname of the file to use for logging client-server file transfers (when enabled through the ServerTracing parameter). (Note that absolute pathnames are relative to the root of the spooling area).
- -q dir
The specified directory is treated as the spooling area. The default spooling area, /var/spool/hylafax, is defined at the time the software is built.
Stop hfaxd from detaching itself from the controlling terminal. This option is normally used only when running hfaxd under a debugger or when hfaxd is started up from the inetd(8C) process.
- -D secs
Sleep for the specified number of seconds before actually processing the client to allow a debugger to attach.
- -f bindaddressfamily
Bind to the specified bindaddressfamily tcp port. Options are “IPv4”, “IPv6”, or “all”. Please note that this argument needs to be specified before -i otherwise it will be ignored.
- -l bindaddress
Bind to the specified bindaddress tcp port. Please note that this argument needs to be specified before -i otherwise it will be ignored. A better approach to improve security would be to run hfaxd from xinetd, binding its service to the specific port. This will also let HylaFAX benefit from TCP wrappers and other options provided by xinetd.
- -p port:port
Restrict the range of TCP ports used when binding the socket for PASV/EPSV mode data transfers. Without this option, bind will be called with a port of 0, allowing the kernel to allocate an ephemeral port. To be useful, -p MUST be specified BEFORE -i due to the way command line arguments are parsed.
- -i port
Listen on the specified port for service requests and respond with the client-server protocol. The port may be specified either symbolically, e.g. “hylafax” or numerically. This flag may be specified multiple times to request service on multiple different ports.
- -s port
Listen on the specified port for service requests and respond with the Simple Network Paging (SNPP) protocol. The port may be specified either symbolically, e.g. “snpp” or numerically. This flag may be specified multiple times to request service on multiple different ports.
Service the client-server protocol using the standard input and output. This option is useful when hfaxd is started up by inetd(8C).
Service the Simple Network Paging (SNPP) protocol using the standard input and output. This option is useful when hfaxd is started up by inetd(8C).
Diagnostics generated by hfaxd are logged using syslog(3).
- -c config
Treat config as a configuration parameter specification that is interpreted after reading the configuration file. For example, “-c servertracing:0x4f” would set the ServerTracing configuration parameter to “0x4f”, overriding any setting in the configuration file.
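Because -f, -l and -p are ignored unless they precede -i, a misordered start-up line can leave a listener without the intended bind address or passive port range. The following is an added example, not part of HylaFAX: it lints an hfaxd command line (for instance one taken from an init script) for that ordering, and also checks the -p range and the -f values listed on this page. The option letters come from the synopsis; the finding codes and sample command lines are constructed, and the case-insensitive comparison of -f values is an assumption.

```python
import getopt
import shlex

OPTSTRING = "dD:q:c:o:Of:l:p:i:Is:S"   # option letters from the synopsis
BIND_OPTS = {"-f", "-l", "-p"}         # documented as ignored unless before -i
FAMILIES = {"ipv4", "ipv6", "all"}     # values listed on this page, lower-cased


def valid_port_range(spec):
    """True for 'min:max' with 1 <= min <= max <= 65535."""
    lo, sep, hi = spec.partition(":")
    if not (sep and lo.isascii() and lo.isdigit()
            and hi.isascii() and hi.isdigit()):
        return False
    return 1 <= int(lo) <= int(hi) <= 65535


def lint_hfaxd_cmdline(cmdline):
    """Return (code, option, value) findings for one hfaxd command line."""
    argv = shlex.split(cmdline)
    opts, _rest = getopt.getopt(argv[1:], OPTSTRING)
    findings = []
    listener_seen = False
    for opt, val in opts:
        if opt == "-i":
            listener_seen = True
        elif opt in BIND_OPTS and listener_seen:
            # The option follows a -i, so per the man page it is ignored.
            findings.append(("AFTER_LISTENER", opt, val))
        if opt == "-f" and val.lower() not in FAMILIES:
            findings.append(("BAD_FAMILY", opt, val))
        if opt == "-p" and not valid_port_range(val):
            findings.append(("BAD_PORT_RANGE", opt, val))
    return findings


if __name__ == "__main__":
    # Constructed sample command lines.
    for cmd in (
        "/usr/sbin/hfaxd -l 127.0.0.1 -p 40000:40100 -i hylafax -s snpp",
        "/usr/sbin/hfaxd -i hylafax -l 127.0.0.1 -p 40100:40000",
    ):
        print(cmd)
        for finding in lint_hfaxd_cmdline(cmd) or [("OK", "", "")]:
            print("   ", *finding)
```
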
To be filled in.
sendfax(1), sendpage(1), faxalter(1), faxrm(1), faxstat(1), faxq(8C), syslog(3), hylafax-server(5F), hosts.hfaxd(5F), status(5F), hylafax-shutdown(5F),