* Javier Fern?ndez-Sanguino Pe?a (jfs@computer.org) [010915 17:13]: > On Mon, Sep 10, 2001 at 05:49:55PM -0700, Vineet Kumar wrote: > > * Alexander Reelsen (ref@tretmine.org) [010910 01:24]: > > > On Sun, Sep 09, 2001 at 06:31:57PM -0400, hpknight wrote: > > > > It depends on the process that is binding the port. If you're using > > > > xinetd you can specify which interface to bind the port on. If the > > > > program/daemon doesn't allow you to specify interfaces, then you're stuck > > > > .. unless you want to do some fancy stuff with ipchains/iptables to > > > > redirect ports, or hack up the daemon. > > > inetd also has this feature (not very well documented). > > > use service@ip in inetd.conf in order to use that feature. > > How's that? in my example, I'd like exim to bind only to the loopback > > interface. I tried either of these 2 lines, with the respective error > > from /var/log/daemon.log following each: > > > FYI the "Securing Debian Manual" tells you how to easily do this > by editing exim's conf file. Thanks. I already had exim configured with local_interfaces = 127.0.0.1 , but I was interested in switching to inetd-spawned exim if I could get it to bind only to the loopback interface. This machine only delivers local mail, so having the daemon running all the time is sort of a waste. I guess I don't really save all that much anyway, because I don't have any other services listed in inetd.conf, so I'd be trading one daemon (exim) for one other daemon (inetd), which I don't currently have running. Thanks for the pointer, anyway, though. -- Vineet http://www.anti-dmca.org Unauthorized use of this .sig may constitute violation of US law. echo Qba\'g gernq ba zr\! |tr 'a-zA-Z' 'n-za-mN-ZA-M'
Attachment:
pgpRPJfoMJZgb.pgp
Description: PGP signature