From owner-freebsd-hackers Thu Feb 20 05:39:57 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id FAA12816 for hackers-outgoing; Thu, 20 Feb 1997 05:39:57 -0800 (PST) Received: from cheops.anu.edu.au (avalon@cheops.anu.edu.au [150.203.76.24]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id FAA12811 for ; Thu, 20 Feb 1997 05:39:54 -0800 (PST) Message-Id: <199702201339.FAA12811@freefall.freebsd.org> Received: by cheops.anu.edu.au (1.37.109.16/16.2) id AA230805819; Fri, 21 Feb 1997 00:36:59 +1100 From: Darren Reed Subject: Re: "connection refused" To: davidn@labs.usn.blaze.net.au (David Nugent) Date: Fri, 21 Feb 1997 00:36:59 +1100 (EDT) Cc: avalon@coombs.anu.edu.au, davidn@labs.usn.blaze.net.au, freebsd-hackers@freebsd.org In-Reply-To: <19970221002216.09741@usn.blaze.net.au> from "David Nugent" at Feb 21, 97 00:22:16 am X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk In some mail from David Nugent, sie said: > > On Feb 02, 1997 at 11:29:25PM, Darren Reed wrote: > > > I'm currently working on a network server that needs to use local > > > creditials on a remote connection, and if that fails, to issue a > > > "connection refused". > > > > You can't do this (using sockets). > > Hmm, the manpage seems to suggest otherwise. See below. > > > > I don't quite understand how you want to use the credentials...the > > description seems confusing. Can you put it in TCP/IP terms ? :) > > Sorry, just the remote address, as determined by accept(). I don't > want or need network probes finding the server, which is why I'd > like an attempted connection from anyone but specific ip addresses > to get "connection refused", as though there was nothing there. > The protocol in question will do challenge/key and encryption, but > this is just to prevent probes from seeing it as a possible target > in the first place. > > Anyway, the manpage for accept(2) states: > > One can obtain user connection request data without confirming the con- > nection by issuing a recvmsg(2) call with an msg_iovlen of 0 and a non- > zero msg_controllen, or by issuing a getsockopt(2) request. Similarly, > one can provide user connection rejection information by issuing a > sendmsg(2) call with providing only the control information, or by call- > ing setsockopt(2). > > Unless I'm reading this incorrectly, this is precisely what I'd like > to do. I just can work out how to do it. :-) Try calling accept() with the host you want to accept from, rather than INADDR_ANY. What does it say before that ? A connection is ESTABLISHED before it comes back via accept(). What does Stevens have to say on this topic ? Darren