bind interface '-i' incomplete

Netgear / wsdd2

WSD/LLMNR Discovery/Name Service Daemon

GNU General Public License v3.0

154 stars 33 forks source link

bind interface '-i' incomplete #3

Closed Andy2244 closed 4 years ago

Andy2244 commented 4 years ago

Connecting from an unprotected WAN still seems to succeed. I suppose the socket code will need to be amended to only bind to the interface's IP address, and not to 0.0.0.0.

netstat -an | egrep 3702
tcp        0      0 0.0.0.0:3702            0.0.0.0:*               LISTEN
tcp        0      0 :::3702                 :::*                    LISTEN
udp        0      0 0.0.0.0:3702            0.0.0.0:*
udp        0      0 :::3702                 :::*

Andy2244 commented 4 years ago

@namjaejeon Just got this working with cifsd, so maybe you can take a quick look on the interface code and how to prevent the extra binds?

themiron commented 4 years ago

I hope #4 could help

Andy2244 commented 4 years ago

thanks, need to verify if still reachable via wan

themiron commented 4 years ago

@Andy2244 sockets still listen on 0.0.0.0/:: due the design, but since sockets are bind now they can't send packets via "wrong" interfaces. further improvement would be move to recvmsg() with IP_PKTINFO/IPV6_PKTINFO and check received ifindex

Andy2244 commented 4 years ago

@themiron yes i understand, cifsd is doing it the same way. Its fine for now i think, thanks again.