Re: Bind popa3d to local interface only

2006-06-08 Thread Gabriel Kihlman
Michael Lechtermann [EMAIL PROTECTED] writes:

> Hi,
>
> I am currently setting up a POP3 server and everything is working fine.
> Also added stunnel to handle SSL connections for popa3d.
>
> Now I would like to permit the usage of unencrypted connections to
> popa3d to enforce connections over SSL.
>
> popa3d runs in standalone mode and it should stay that way since I am
> not using inetd right now. When connected to port 995 stunnel forwards
> the connection to localhost port 110.
>
> Because of that I just need popa3d to listen on 127.0.0.1.

Index: standalone.c
===
RCS file: /cvs/src/usr.sbin/popa3d/standalone.c,v
retrieving revision 1.10
diff -u -r1.10 standalone.c
--- standalone.c13 Mar 2005 19:29:44 -  1.10
+++ standalone.c8 Jun 2006 08:15:33 -
@@ -127,7 +127,7 @@
hints.ai_socktype = SOCK_STREAM;
hints.ai_family = af;
hints.ai_flags = AI_PASSIVE;
-   error = getaddrinfo(NULL, sbuf, hints, res0);
+   error = getaddrinfo(127.0.0.1, sbuf, hints, res0);
if (error)
return log_error(getaddrinfo);
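
Review bot: the IPv4 literal on the added getaddrinfo() line does not fit the unchanged hints.ai_family = af above it. If this code is ever reached with af set to AF_INET6, an IPv4 address cannot be resolved for that family, getaddrinfo() returns an error, and the function leaves through return log_error(...) without a listener. Pick the loopback address per family (127.0.0.1 for AF_INET, ::1 for AF_INET6), or skip families that have no configured address, so the stunnel-to-localhost setup described in the thread keeps working on both.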



Re: Bind popa3d to local interface only

2006-06-08 Thread Damien Miller
On Thu, 8 Jun 2006, Gabriel Kihlman wrote:

>> Because of that I just need popa3d to listen on 127.0.0.1.
>
 Index: standalone.c
 ===
 RCS file: /cvs/src/usr.sbin/popa3d/standalone.c,v
 retrieving revision 1.10
 diff -u -r1.10 standalone.c
 --- standalone.c  13 Mar 2005 19:29:44 -  1.10
 +++ standalone.c  8 Jun 2006 08:15:33 -
 @@ -127,7 +127,7 @@
   hints.ai_socktype = SOCK_STREAM;
   hints.ai_family = af;
   hints.ai_flags = AI_PASSIVE;
 - error = getaddrinfo(NULL, sbuf, hints, res0);
 + error = getaddrinfo(127.0.0.1, sbuf, hints, res0);
   if (error)
   return log_error(getaddrinfo);
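
Review bot: once the first argument of getaddrinfo() is no longer NULL, the AI_PASSIVE flag kept in the context line hints.ai_flags = AI_PASSIVE; has no effect, so it now reads as if a wildcard bind were still intended. The address is also fixed in the call itself, which means every build listens on loopback only. Take the address from a compile-time setting instead (the thread mentions params.h), pass NULL when it is unset so the default behaviour is unchanged, and add a comment saying that a non-NULL address restricts the listener to that interface.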
 

Why go through all of this trouble when you can just run it out of
inetd(8)?

[127.0.0.1]:pop3 stream tcp  nowait root /usr/libexec/tcpd /usr/sbin/popa3d
[::1]:pop3   stream tcp6 nowait root /usr/libexec/tcpd /usr/sbin/popa3d

-d



Re: Bind popa3d to local interface only

2006-06-08 Thread Michael Lechtermann
Damien Miller wrote:
> Why go through all of this trouble when you can just run it out of
> inetd(8)?

Why run inetd for that alone and have an additional process open
when popa3d is supposed to be able to do it alone when set to an address
in params.h?

IMHO, that patch (with my little additional change) is how popa3d is
supposed to work.



Re: Bind popa3d to local interface only

2006-06-08 Thread Damien Miller
On Thu, 8 Jun 2006, Michael Lechtermann wrote:

> Damien Miller wrote:
>> Why go through all of this trouble when you can just run it out of
>> inetd(8)?
>
> Why run inetd for that alone and have an additional process open
> when popa3d is supposed to be able to do it alone when set to an address
> in params.h?

popa3d forks for each connection