Re: Fedora Workstation and disabled by default firewall

On Friday, August 30, 2019 4:33:11 AM MST Björn Persson wrote:
> John Harris wrote:
> > Thing is, binding a port and expecting it to be open to every network
> > interface you've got are two very different things.
> 
> Once again John Harris is completely wrong. The bind system call is
> precisely how a program specifies which network interfaces it wants to
> open a socket to. A program that calls bind with IN6ADDR_ANY_INIT or
> INADDR_ANY and a specific port number expects that port to be open to
> every network interface the computer has.
> 
> A program that doesn't intend to listen on every network interface will
> bind to an IP address assigned to one interface to listen only on that
> network, or maybe a localhost address to listen only on the loopback
> interface. The port and the network interface are specified together in
> a single sockaddr object passed to a single system call, so it's very
> much the same thing.
> 
> Björn Persson

This is a bit hostile, and certainly comes off as passive-aggressive. When you
bind a port, it isn't open on every interface unless you specify that; you're
partially correct. Many programs, however, bind all interfaces regardless. For
example, dnsmasq does this by default, and many other programs do it without a 
configuration option on ports. So, while the software may be open to all ports 
because of the code itself, that is often not the intention. Many programs 
just bind all interfaces, and expect that you'll configure your firewall to 
whatever should be able to access the network service it's serving.

Programs that don't intend to listen on every interface generally don't bind 
only to one interface, though they should. Especially not proprietary 
software. If an interface is not specified, you get all interfaces bound.

Binding a port has nothing to do with opening a socket to something else. In
nearly all cases, it's used to open your system to incoming connections.

-- 
John M. Harris, Jr. <johnmh@xxxxxxxxxxxxx>
Splentity
https://splentity.com/

_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
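
The distinction argued in this thread (a listener bound to the wildcard address versus one bound to a single address or to loopback) can be checked on a running Linux host from `/proc/net/tcp`. The following is an added example, not code from either poster or from Fedora; the sample rows are constructed, the function names are illustrative, and it covers IPv4 only (`/proc/net/tcp6` uses a wider address field).

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

enum scope { NOT_LISTENING, LOOPBACK_ONLY, ONE_ADDRESS, ALL_INTERFACES };

/* Constructed rows in /proc/net/tcp layout as printed on a little-endian
 * host; real rows carry more columns, which the parser ignores. */
static const char SAMPLE[] =
    "  sl  local_address rem_address   st\n"
    "   0: 00000000:0035 00000000:0000 0A\n"  /* 0.0.0.0:53 LISTEN      */
    "   1: 0100007F:0277 00000000:0000 0A\n"  /* 127.0.0.1:631 LISTEN   */
    "   2: 0A01A8C0:0016 00000000:0000 0A\n"  /* 192.168.1.10:22 LISTEN */
    "   3: 0A01A8C0:D431 057100CB:01BB 01\n"; /* established, not a listener */

/* Classify one row by the address its socket was bound to. */
enum scope classify_row(const char *row, unsigned *port)
{
    unsigned sl, laddr, lport, raddr, rport, st;
    if (sscanf(row, " %u: %8X:%4X %8X:%4X %2X",
               &sl, &laddr, &lport, &raddr, &rport, &st) != 6 || st != 0x0A)
        return NOT_LISTENING;              /* header line, or state != LISTEN */
    *port = lport;
    /* The kernel prints the raw network-order word, so laddr equals s_addr. */
    if (laddr == htonl(INADDR_ANY)) return ALL_INTERFACES;
    if ((ntohl(laddr) >> 24) == 127) return LOOPBACK_ONLY;
    return ONE_ADDRESS;
}

/* Print every listener in the table; return how many are wildcard-bound. */
int count_wildcard_listeners(const char *table)
{
    static const char *label[] = {"", "loopback only", "one address", "ALL interfaces"};
    int wildcard = 0;
    for (const char *p = table; *p; ) {
        char row[256];
        size_t n = strcspn(p, "\n");
        unsigned port = 0;
        snprintf(row, sizeof row, "%.*s", (int)n, p);
        enum scope s = classify_row(row, &port);
        if (s != NOT_LISTENING) printf("port %5u: %s\n", port, label[s]);
        wildcard += (s == ALL_INTERFACES);
        p += n + (p[n] == '\n');
    }
    return wildcard;
}

int main(void)
{
    printf("%d wildcard listener(s)\n", count_wildcard_listeners(SAMPLE));
    return 0;
}
```

Wildcard-bound listeners are the ones whose exposure depends entirely on the firewall; feeding the function the contents of the real `/proc/net/tcp` instead of `SAMPLE` lists them for the local host.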