1. Multi-homed hosts are in fact very common, especially in
corporate environments. To get the right source addr in
its reply, the server must open separate sockets on each
of its host's addresses - as named and ntpd do. And then
it has to detect changes in the set of addresses.
The RPC client code in libc performs UDP RPC calls with sendto()
and recvfrom() using an unconnected socket. When a reply arrives,
the library code checks only that the XID of the reply matches that
of the request; it does not check that the reply came from the
address to which the request was se
Yes, a firewall. This machine IS the inner side of a firewall -- I want
to stop any unwanted traffic that gets through the outer firewall.
orville.
On Sun, 20 May 2001, Nick Rogness wrote:
> On Sat, 19 May 2001, Orville R. Weyrich.Jr wrote:
>
> > I have a dual homed FreeBSD-4.3 machine and wa
On Sat, 19 May 2001, Orville R. Weyrich.Jr wrote:
> I have a dual homed FreeBSD-4.3 machine and want to restrict traffic
> on one interface but not the other (one interface is to a trusted
> network and the other is not).
>
> What I want is the untrusted interface to only present SMTP and HTTP
