On Wed, 2013-07-31 at 15:46 +0800, Thomas Goirand wrote: > On 07/31/2013 08:30 AM, Steve Langasek wrote: > > What I'm missing your email is a problem statement explaining what it is > > you're trying to solve. The current implementation has been working > > reliably for years. > > He did wrote it. 127.0.1.1 breaks because some daemon (many, according > to him) bind only on 127.0.0.1, and not 127.0.0.0/8 as they should. [...] You can't bind a server to an address range, and there's the problem. You have to listen on all addresses and then either immediately close remote connections after accepting them (e.g. using tcp-wrappers) or bind to device 'lo'. Both or which are more complex to implement and configure. Ben. -- Ben Hutchings We get into the habit of living before acquiring the habit of thinking. - Albert Camus
Attachment:
signature.asc
Description: This is a digitally signed message part