Date: Thu, 28 May 1998 21:34:08 +0300
From: Ruslan Ermilov <ru@ucb.crimea.ua>
To: Niall Smart <njs3@doc.ic.ac.uk>, freebsd-bugs@FreeBSD.ORG
Subject: Re: kern/6774: bind(3)/libc improvement
Message-ID: <19980528213408.B23509@ucb.crimea.ua>
In-Reply-To: <199805281150.EAA21797@freefall.freebsd.org>; from Niall Smart on Thu, May 28, 1998 at 04:50:00AM -0700
References: <199805281150.EAA21797@freefall.freebsd.org>

On Thu, May 28, 1998 at 04:50:00AM -0700, Niall Smart wrote:
>
> On May 27, 5:39pm, Leo Bicknell wrote:
> } Subject: kern/6774: bind(3)/libc improvement
>
> >
> > >Synopsis: bind(3)/libc improvement
> >
> > Many programs bind to "wildcard" addresses for the purposes of
> > getting a local IP address/port assignment. This works fine when a
> > machine has a single interface, but for machines with multiple physical
> > or logical (alias) interfaces this is not always appropriate. For
> > instance, on a machine with 10 aliases the "telnet" service, as managed
> > by inetd(8) will respond to all 10 addresses.
> >
> > What I propose is an environment variable, "LOCAL_BIND" which
> > would be used by the bind(3) code. If this does not exist, the
> > traditional behavior would occur. On the other hand, if it was set to
> > an IP address on the local system a "bind" call to the wildcard address
> > would go to that address, and that address only. A further extension
> > would be to have a list of acceptable addresses.
>
> I'm inclined to just say "what a gross hack". :) If a program should
> have the ability to bind to specific addresses then the author of the
> code should provide that functionality through command line arguments
> or configuration files. There is currently no problem with the bind(2)
> interface, the problem is in the programs which use it, and therefore
> it's their behaviour which should be changed, not bind(2)'s
>
> Also, were you aware that even if a process has bound to a specific
> interface, it can still receive packets received on other interfaces
> destined for that interface?
>
> > This would allow things like an outbound telnet connection
> > from a particular address forced by the user, or having a program like
> > inetd listen only to some addresses without changing the code of these
> > user applications.
>
> Modifying inetd so it only binds to specific interfaces is probably
> a good idea.

AFAIK, inetd can do this using its ``-a'' option.

-- 
Ruslan Ermilov      System Administrator
ru@ucb.crimea.ua    United Commercial Bank
+380-652-247647     Simferopol, Crimea
2426679             ICQ Network, UIN
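
An added example, not part of the original message or of any FreeBSD source: the alternative argued for in the thread, where the program takes its listen address from its own command line and passes it to bind(2), rather than an environment variable changing what a wildcard bind means. The helper names `listen_on` and `bound_addr` are hypothetical, and port 0 (kernel-chosen port) is used so the sketch runs anywhere.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical helper: TCP listener on the operator-configured address.
 * addr == NULL keeps the traditional wildcard bind. Returns the socket,
 * or -1 on an unparsable address or a bind/listen failure. */
int listen_on(const char *addr, unsigned short port)
{
    struct sockaddr_in sin;
    int s, on = 1;

    memset(&sin, 0, sizeof(sin));
    sin.sin_family = AF_INET;
    sin.sin_port = htons(port);
    if (addr == NULL)
        sin.sin_addr.s_addr = htonl(INADDR_ANY);
    else if (inet_pton(AF_INET, addr, &sin.sin_addr) != 1)
        return -1;          /* fail closed: never fall back to the wildcard */
    if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0)
        return -1;
    setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
    if (bind(s, (struct sockaddr *)&sin, sizeof(sin)) < 0 || listen(s, 8) < 0) {
        close(s);
        return -1;
    }
    return s;
}

/* Ask the kernel which local address the socket really got, so a startup
 * check or audit can confirm it is not listening on every alias. */
int bound_addr(int s, struct in_addr *out)
{
    struct sockaddr_in sin;
    socklen_t len = sizeof(sin);

    if (getsockname(s, (struct sockaddr *)&sin, &len) < 0)
        return -1;
    *out = sin.sin_addr;
    return 0;
}

int main(int argc, char **argv)
{
    struct in_addr a;
    int s = listen_on(argc > 1 ? argv[1] : NULL, 0);
    if (s < 0 || bound_addr(s, &a) < 0) return 1;
    printf("listening on %s\n", inet_ntoa(a));
    return 0;
}
```

Run with no argument it reports `0.0.0.0`, the wildcard case the original report objects to; run with one local address it reports only that address, and a mistyped address makes it exit instead of silently listening everywhere.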