Re: CVS IP Binding Revisited

Wed, 12 Jul 2000 01:46:41 -0700 

On Tue, Jul 11, 2000 at 10:39:13PM +0200, Matthias Kranz wrote:
> On Tue, Jul 11, 2000 at 02:41:12PM -0500, Cameron, Steve wrote:
> > Robert Sfeir wrote:
> > > [Robert asked whether it's possible to bind the CVS server to a
> > > specific network device or local IP.]
> > It sounds like _maybe_ what you're trying to do is get CVS
> > to listen for connections coming in on only one network
> > interface while ignoring another, but that's pure speculation
> > on my part. (and besides I'm not sure how to do it anyway.)
> > Normally inetd will listen for connections on all interfaces,
> > I think.
>
> No, it is possible. At least on Linux. You simply add the IP in front of
> the cvspserver entry in /etc/inetd.conf. You can even specify more than
> one address, seperated by comma then. See man inetd.
> 
> Here the problem seems to be an aliased IP and since I do not have such
> a configuration here, I have to set up one tomorrow to test it.

Ok, I tried it and it works. I specified the inetd in such a manner,
that it started the CVS pserver only for incoming connections on an
ethernet device which had an aliased IP.

gromit:~ # ifconfig
eth0      Link encap:Ethernet  HWaddr 00:80:AD:B0:6E:2F  
          inet addr:192.168.100.1  Bcast:192.168.100.255 Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:63 errors:0 dropped:0 overruns:0 frame:0
          TX packets:65 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          Interrupt:10 Base address:0x300 

eth0:0    Link encap:Ethernet  HWaddr 00:80:AD:B0:6E:2F  
          inet addr:192.168.10.1  Bcast:192.168.10.255 Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:10 Base address:0x300

This is what the inetd.conf entry looks like:

192.168.10.1:cvspserver stream tcp ...    

If I do now a connect from outside to 192.168.10.1, everything works
fine. But if I connect from outside to 192.168.100.1, I get a

mskranz@gromit:~ > cvs -d
:pserver:[EMAIL PROTECTED]:/usr/local/repository login
(Logging in to [EMAIL PROTECTED])
CVS password: 
cvs [login aborted]: connect to 192.168.100.1:2401 failed: Connection refused

as expected. Maybe there is a misunderstanding: You can only specify the
local IP, to which incoming connections are accepted, NOT the remote
IP/IP address range. This could be done by other means and if I remember
correctly xinetd has such a functionality.

Hope this helps,
Matthias
-- 
Matthias Kranz                  [EMAIL PROTECTED]
         http://www.belug.org/~kranz
"Ever tried. Ever failed. No matter. Try again.
 Fail again. Fail better."     (Samuel Beckett)

Reply via email to