Skip to content

Bindlisten #565

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
aik wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Bindlisten #565

aik wants to merge 2 commits into from

Conversation

@aik
Copy link

@aik aik commented Jan 1, 2025

Adding SO_BINDTODEVICE to "Bind" as I run it to access corporate network via VPN with a changing IP address, hence the fix. Please comment. Thanks.

aik added 2 commits January 1, 2025 11:50
@aik
Fix gcc calloc() warning
1801e5c 
gcc (GCC) 14.1.1 20240701 (Red Hat 14.1.1-7) produces this:

network.c:159:57: warning: ‘calloc’ sizes specified with ‘sizeof’ in the earlier argument and no
t in the later argument [-Wcalloc-transposed-args]
  159 |             (struct read_lines_s *) safecalloc (sizeof (struct read_lines_s),
      |                                                         ^~~~~~

Fix them.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
@aik
sock: Allow binding outgoing connections to an interface
66abfe5 
The current "Bind" allows IP addresses which does not work with
dynamically changing IPs such as VPN.

Extend "Bind" to accept an interface name if SO_BINDTODEVICE is
supported (Linux). For example, "Bind tun0".

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
@fbrunel-dev
Copy link

fbrunel-dev commented Apr 9, 2025
edited
Loading

Different scenario here: I am using it on Linux computers to exclude some traffic from the VPN.
A Bind directive set to the local IP was not sufficient for my needs:

  • it didn't work as expected: NTP traffic was using the LAN interface, but not the HTTPS requests, which were seen on the VPN tunnel (with LAN IP !).
  • on LAN IP change, I had to rewrite the configuration file and reload it, which was not convenient.

This pull request resolve these two issues.
But I had to modify the sources to compile it (Gentoo, kernel 6.12):

  • define INTERFACE in conf.c
  • include net/if.h in common.h

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@aik @fbrunel-dev