On Tue, 15 Feb 2011, Dirk Engling wrote:

Hello,

until jails could be bound to several ip addresses, my convenience
feature in ezjail to check for and warn about listening services in the
host system and other jails worked simply by asking:

listeners_ip=`sockstat -4 -l | grep "${ip}:[[:digit:]]"`
listeners_all=`sockstat -4 -l | grep "*:[[:digit:]]"`

Now where ip addresses are not rewritten on listen() calls anymore,
services in jails can bind to 0.0.0.0 as well and will match the latter,
although they don't really cause the trouble I want to warn users about
(unless, of course the jail really is bound to the same ip address and
the service then binds to 0.0.0.0).

Now I can, using "nc -z", test if the service really listens. That
allows me to filter and only report those services that actually
respond. However, this is far from clean.

Are there other ways to reliably test for listening services on any port
for a given ip address?

Get the pid and use a cross-check on the process; there is no easy
way to do it otherwise currently unless you write your own extensions
needing kvm.

/bz

--
Bjoern A. Zeeb                                 You have to have visions!
         Stop bit received. Insert coin for new address family.
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscr...@freebsd.org"
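
One way to do the pid cross-check suggested in the reply, as an added example that is not code from ezjail or from either poster: wildcard listeners are reported only when the owning process runs in the host or in a jail that holds the address being checked. The function names and the sample sockstat output are constructed for illustration; the sketch assumes FreeBSD's `ps -o jid` keyword and `jls -j <jid> ip4.addr`.

```shell
#!/bin/sh
# Added example (not ezjail code). Assumes FreeBSD: "sockstat -4 -l" columns
# USER COMMAND PID FD PROTO LOCAL FOREIGN, ps(1) keyword "jid", jls(8) "ip4.addr".

# Jail id owning a pid (0 = host system).
jid_of_pid() {
    ps -o jid= -p "$1" 2>/dev/null | tr -d ' '
}

# True if jail $1 has IPv4 address $2 (jls prints a comma-separated list).
jail_has_ip() {
    jls -j "$1" ip4.addr 2>/dev/null | tr ',' '\n' | grep -Fqx "$2"
}

# Read sockstat output on stdin; print listeners that can answer on address $1:
# exact binds, plus wildcard binds owned by the host or by a jail holding $1.
conflicting_listeners() {
    ip=$1
    while read -r user cmd pid fd proto laddr rest; do
        case $pid in ''|*[!0-9]*) continue ;; esac   # header line or unknown pid
        case $laddr in
            "$ip":[0-9]*) owner=$(jid_of_pid "$pid") ;;
            \*:[0-9]*)
                owner=$(jid_of_pid "$pid")
                [ "$owner" = 0 ] || jail_has_ip "$owner" "$ip" || continue ;;
            *) continue ;;
        esac
        echo "$pid $cmd $laddr jid=$owner"
    done
}

# Constructed sample input, so the filter can be exercised off a FreeBSD host.
sample_sockstat() {
    cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       812   3  tcp4   *:22                  *:*
www      nginx      1440  6  tcp4   *:80                  *:*
www      httpd      1502  4  tcp4   *:8080                *:*
bind     named      1600  20 tcp4   10.0.0.5:53           *:*
root     syslogd    700   7  udp4   192.168.1.1:514       *:*
EOF
}

# On FreeBSD: sockstat -4 -l | conflicting_listeners "$ip"
```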