[NCLUG] Firewall question

Michael Dwyer mdwyer at sixthdimension.com
Fri May 17 09:26:47 MDT 2002


Marcio Luis Teixeira wrote:
> Half of what I want to do is working -- from the external network I can't see
> any of the machines in my internal network. The problem arises when I try to
> run some daemon, such as "telnetd", on the "firewall" machine. The problem is
> that it accepts network connections on *both* NICs, whereas I would like it
> to only operate on the internal NIC. This seems like it should be an easy thing
> to do, but so far I haven't found any clues as to how to accomplish it.
> 
> Is it possible to disable services on one NIC but not on another?

Some services are able to be configured to only bind to one NIC and not
the other.  For instance, Samba, bind, and Apache can all be told WHICH
IP address to bind to.  Unfortunately, I know of no way to do this to a
telnet daemon.  I think it always binds to all adapters.  This is what
the standard inetd does.  Perhaps the xinetd or other alternates may
support limited binding...

Samba: interfaces = 192.168.1.1
bind:  options { listen-on { 192.168.1.1; }; };
apache: BindAddress 192.168.1.1


