Fw: Can a daemon listen only on some interfaces?
grr...forgot to reply to list...
----- Original Message -----
From: Phillip Hofmeister <email@example.com>
To: Guido Hennecke <firstname.lastname@example.org>
Sent: Saturday, December 08, 2001 3:10 PM
Subject: Re: Can a daemon listen only on some interfaces?
> OR....you could use IPCHAINS or IPTABLES to REJECT (or DENY) the interface
> on that port....
> ----- Original Message -----
> From: Guido Hennecke <email@example.com>
> To: <firstname.lastname@example.org>
> Cc: Michael Wood <email@example.com>
> Sent: Saturday, December 08, 2001 2:09 PM
> Subject: Re: Can a daemon listen only on some interfaces?
> > At 08.12.2001, Michael Wood wrote:
> > > On Sat, Dec 08, 2001 at 07:40:06PM +1000, firstname.lastname@example.org wrote:
> > [...]
> > > > So my question is:
> > > > Is there some way to make certain daemons, (say postfix)
> > > > listen only on some interfaces? For example, I have
> > > > everything firewalled from outside, so I really only need
> > > > postfix to listen on the loopback interface for local
> > > > connections. Is this possible?
> > > It's technically possible, but this depends on if the particular
> > > daemon has support for this. Postfix does.
> > It is a little bit different on Linux:
> > It is not possible to configure a deamon to listen on an interface only.
> > It is only possible to bind it to an ip address.
> > The problem on linux is, that all local ip addresses are reachable over
> > all local interfaces. The only problem is the routing and that depends
> > on your infrastructure.
> > But it is posible to use a packetfilter and configure it, that packets
> > for an interface must come in over the target interface.
> > Regards, Guido
> > --
> > Nur weil Du paranoid bist, heisst das noch lange nicht, dass Du nicht
> > verfolgt wirst.
> > --
> > To UNSUBSCRIBE, email to email@example.com
> > with a subject of "unsubscribe". Trouble? Contact