Restricting listening address ?

Yura Pismerov ypismerov at tucows.com
Sat Jun 15 23:39:34 EDT 2002 

Firewall (ipchains/iptables/ipfilter/ipfw - depends on what OS you run
it on) is your friend.
I don't think there is a built-in feature in kdc to bind it to a
particular interface(s).

Harry RØter wrote:
> 
> Hi,
> 
> i wannt to know, if it's possible to restrict the
> ip-adresses krb5kdc is
> listening on.
> 
> I don't want him listen on my dialup connection,
> so i want to restrict the deamon just to listen on the
> internal net.
> Those adresses begin with 192.168.1.xxx
> 
> As you can see here it's listening on ip-adress it can find
> on the
> server :
> 
> ---- snipp ---
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 12: 213.6.54.135 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 13: 192.168.0.10 port 750
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 13: 192.168.0.10 port 750
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 14: 192.168.0.10 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 14: 192.168.0.10 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 15: 192.168.0.12 port 750
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 15: 192.168.0.12 port 750
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 16: 192.168.0.12 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 16: 192.168.0.12 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 17: 192.168.1.3 port 750
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 17: 192.168.1.3 port 750
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 18: 192.168.1.3 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 18: 192.168.1.3 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 19: 192.168.1.104 port 75
> ---- snipp ---
> 
> thanks Harry
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> http://mailman.mit.edu/mailman/listinfo/kerberos

More information about the Kerberos mailing list