grr...forgot to reply to list... ----- Original Message ----- From: Phillip Hofmeister <[EMAIL PROTECTED]> To: Guido Hennecke <[EMAIL PROTECTED]> Sent: Saturday, December 08, 2001 3:10 PM Subject: Re: Can a daemon listen only on some interfaces?
> OR....you could use IPCHAINS or IPTABLES to REJECT (or DENY) the interface > on that port.... > ----- Original Message ----- > From: Guido Hennecke <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Cc: Michael Wood <[EMAIL PROTECTED]> > Sent: Saturday, December 08, 2001 2:09 PM > Subject: Re: Can a daemon listen only on some interfaces? > > > > At 08.12.2001, Michael Wood wrote: > > > On Sat, Dec 08, 2001 at 07:40:06PM +1000, [EMAIL PROTECTED] wrote: > > [...] > > > > So my question is: > > > > Is there some way to make certain daemons, (say postfix) > > > > listen only on some interfaces? For example, I have > > > > everything firewalled from outside, so I really only need > > > > postfix to listen on the loopback interface for local > > > > connections. Is this possible? > > > It's technically possible, but this depends on if the particular > > > daemon has support for this. Postfix does. > > > > It is a little bit different on Linux: > > > > It is not possible to configure a deamon to listen on an interface only. > > It is only possible to bind it to an ip address. > > > > The problem on linux is, that all local ip addresses are reachable over > > all local interfaces. The only problem is the routing and that depends > > on your infrastructure. > > > > But it is posible to use a packetfilter and configure it, that packets > > for an interface must come in over the target interface. > > > > Regards, Guido > > -- > > Nur weil Du paranoid bist, heisst das noch lange nicht, dass Du nicht > > verfolgt wirst. > > > > > > -- > > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > > > > > > > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
