>> From what I can tell, you can just use bind to bind a socket to an address,
>> but there's no way to bind directly to an interface. If we want to continue
>> with specifying interfaces instead of addresses, we'd have to call
>> getifaddrs, and iterate through the interfaces to get the address associated
>> with a specific interface name.
I think this excerpt from [1] has another reason why that might not be the most
reliable solution:
"The bind() system call is frequently misunderstood. It is used to bind to a
particular IP address. Only packets destined to that IP address will be
received, and any transmitted packets will carry that IP address as their
source. bind() does not control anything about the routing of transmitted
packets. So for example, if you bound to the IP address of eth0 but you send a
packet to a destination where the kernel's best route goes out eth1, it will
happily send the packet out eth1 with the source IP address of eth0."
And I didn't see alternatives to SO_BINDTODEVICE in my brief search. There were
mentions of IP_SENDIF for BSD, but that looked like it might be available only
as a patch right now.
So maybe the thing to do for now (if no one else knows how to make it
portable) is just make it a Linux-only feature -- add some configure-time
checks for platform (if they aren't there already), and then wrap the code in
preprocessor directives.
Jon
[1] http://codingrelic.geekhold.com/2009/10/code-snippet-sobindtodevice.html
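
A sketch of the Linux-only approach suggested in the message above, added here as an example; it is not code from the original message or from Bro. The helper name bind_to_interface and its error mapping are assumptions, and a configure-time check could replace the inline preprocessor test.

```c
#include <errno.h>
#include <net/if.h>      /* IF_NAMESIZE, if_nametoindex() */
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical helper (the name is an assumption, not Bro's API).
 * Restricts fd to traffic on the named interface.
 * Returns 0 on success, or -1 with errno set:
 *   EINVAL   name missing, empty, or too long for an interface name
 *   ENODEV   no interface with that name
 *   ENOTSUP  built on a platform without SO_BINDTODEVICE
 *   other    whatever setsockopt() reports (e.g. EBADF, EPERM) */
int bind_to_interface(int fd, const char *ifname)
{
    if (ifname == NULL || ifname[0] == '\0' || strlen(ifname) >= IF_NAMESIZE) {
        errno = EINVAL;
        return -1;
    }
    /* Reject unknown names up front so every platform reports ENODEV. */
    if (if_nametoindex(ifname) == 0) {
        errno = ENODEV;
        return -1;
    }
#if defined(__linux__) && defined(SO_BINDTODEVICE)
    /* Unlike bind() to the interface's address, this also pins egress. */
    return setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE,
                      ifname, (socklen_t)(strlen(ifname) + 1));
#else
    (void)fd;
    errno = ENOTSUP;     /* feature compiled out on non-Linux builds */
    return -1;
#endif
}

int main(int argc, char **argv)
{
    const char *ifname = argc > 1 ? argv[1] : "lo";  /* sample default */
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0) { perror("socket"); return 1; }
    if (bind_to_interface(fd, ifname) != 0)
        fprintf(stderr, "cannot bind to %s: %s\n", ifname, strerror(errno));
    else
        printf("socket restricted to %s\n", ifname);
    close(fd);
    return 0;
}
```

The caller still uses bind() afterwards to choose the local address and port; the device binding only constrains which interface carries the traffic.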