Date: Thu, 28 May 1998 04:50:00 -0700 (PDT) From: njs3@doc.ic.ac.uk (Niall Smart) To: freebsd-bugs@FreeBSD.ORG Subject: Re: kern/6774: bind(3)/libc improvement Message-ID: <199805281150.EAA21797@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/6774; it has been noted by GNATS. From: njs3@doc.ic.ac.uk (Niall Smart) To: bicknell@ufp.org, FreeBSD-gnats-submit@freebsd.org Cc: Subject: Re: kern/6774: bind(3)/libc improvement Date: Thu, 28 May 1998 12:51:11 +0100 On May 27, 5:39pm, Leo Bicknell wrote: } Subject: kern/6774: bind(3)/libc improvement > > >Synopsis: bind(3)/libc improvement > Many programs bind to "wildcard" addresses for the purposes of > getting a local IP address/port assigment. This works fine when a > machine has a single interface, but for machines with multiple physical > or logical (alias) interfaces this is not always appropriate. For > instance, on a machine with 10 aliases the "telnet" service, as managed > by inetd(8) will respond to all 10 addresses. > > What I propose is an enviornment variable, "LOCAL_BIND" which > would be used by the bind(3) code. If this does not exist, the > traditional behavior would occur. On the other hand, if it was set to > an IP address on the local system a "bind" call to the wildcard address > would go to that address, and that address only. A further extension > would be to have a list of acceptable addresses. I'm inclined to just say "what a gross hack". :) If a program should have the ability to bind to specific addresses then the author of the code should provide that functionality through command line arguments or configuration files. There is currently no problem with the bind(2) interface, the problem is in the programs which use it, and therefore it's their behaviour which should be changed, not bind(2)'s Also, were you aware that even if a process has bound to a specific interface, it can still receive packets recieved on other interfaces destined for that interface? > This would allow things like an outbound telnet connection > from a particular address forced by the user, or having a program like > inetd listen only to some addresses without chaning the code of these > user applications. Modifying inetd so it only binds to specific interfaces is probably a good idea. Niall To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199805281150.EAA21797>