RE: {bb} Bind bbd to a single interface

["Kelley, Scott" <Scott.Kelley@disney.com>]

If B does not support this, you could use ipf or something to block all connections to BB on the chosen interface.

-sk


-----Original Message-----
From: owner-bb@bb4.com [mailto:owner-bb@bb4.com]On Behalf Of SB
Sent: Thursday, September 30, 2004 10:42 AM
To: bb@bb4.com
Subject: {bb} Bind bbd to a single interface


Any way to bind bbd to a single interface? I have a server running on
a multihomed host that should only be receiving updates from one
interface. In attempting to lock things down I'd like to prevent BB
from listening on the others.

$ netstat -a|grep LIST|grep 1984
      *.1984               *.*                0      0 24576      0 LISTEN

It looks like bbd is hard-coded to bind to all interfaces (see
INADDR_ANY on line 984)... Am I interpretting this correctly (my C is
a bit rusty)?

>From bbd.c in 1.9e:
   965  #if DEBUG
   966          debug("MAKING SOCKET CONNECTION...\n");
   967  #endif
   968          if ( (sockfd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
   969                  fprintf(stderr, "%s bbd Can't open
socket\n",gettimestr());
   970                  exit(1);
   971          }
   972  #if DEBUG
   973          debug("SOCKET CONNECTED OK... : %d\n",sockfd);
   974  #endif
   975
   976          /*
   977           * FINALLY FIX THE REUSE BUGLET
   978           * THANKS TO Gary Mills <mills@cc.UManitoba.CA>
   979           */
   980          (void)setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR,
(char *)&on, sizeof on);
   981
   982          bzero((char *) &serv_addr, sizeof(serv_addr));
   983          serv_addr.sin_family = AF_INET;
   984          serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
   985          serv_addr.sin_port = htons(port);
   986
   987  #if DEBUG
   988          debug("BINDING TO SOCKET...\n");
   989  #endif
   990          if (bind(sockfd,(struct sockaddr
*)&serv_addr,sizeof(serv_addr))<0) {
   991                  /* DON'T HARDCODE PORT NUMBER: frank@bluegrass.net */
   992                  fprintf(stderr,"%s bbd: Can't bind to port %d
- is bbd already running?\n", gettimestr(), port);
   993                  exit(2);
   994          }
   995  #if DEBUG
   996          debug("SOCKET BOUND OK...\n");
   997  #endif
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=-=
To unsubscribe from this list, or to subscribe to the bb-digest list
send e-mail to mailto:majordomo@bb4.com with unsubscribe bb -and/or-
subscribe bb-digest in the BODY of the message.

--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=-=
To unsubscribe from this list, or to subscribe to the bb-digest list
send e-mail to mailto:majordomo@bb4.com with unsubscribe bb -and/or-
subscribe bb-digest in the BODY of the message.