|
From: | Cullin J. Wible |
Subject: | TCP Server Disabling |
Date: | Thu, 13 Nov 2003 20:43:10 -0000 |
Hello there,
I recently installed zebra and needed to disable the tcp vty servers for security reasons. First I tried using the -A option to specify that the processes bind locally to 127.0.0.1, but after looking at the code, since I am not runnign IPv6 I don't believe this would work. (see vty_serv_sock() in lib/vty.c). After reviewing the rip_main.c I realized that setting the tcp port to 0 would disable this process. However, this was not supported by all of the daemons. So I modified all of them to support this behavior and have included patches below. Minimal testing was performed and from what I can tell these still work just great!
I hope this helps,
Sincerely,
Cullin J. Wible
address@hidden
<<disable_tcp.patch>>
disable_tcp.patch
Description: disable_tcp.patch
[Prev in Thread] | Current Thread | [Next in Thread] |