Hi, On Sat, May 13, 2006 at 01:08:28PM -0500, John Goerzen wrote: > On Sat, May 13, 2006 at 07:21:35PM +0200, Uwe Hermann wrote: > > any chance the bacula daemons (all of them) could listen to the local > > loopback interface (i.e. 127.0.0.1) _only_ per default? Currently they > > listen to _any_ (all) interfaces, which exposes them to the Internet > > usually. > > To actually have the daemons bind to a specific interface would require > some new configuration file options. I would be happy to forward this > to upstream if you would like, but would not want to maintain a local > patch to achieve it.
Actually, I just found out Bacula already has such config options.
You can use the following options, respectively:
bacula-dir.conf:
Director {
DirAddress = 127.0.0.1
}
bacula-fd.conf:
FileDaemon {
FDAddress = 127.0.0.1
}
bacula-sd.conf:
Storage {
SDAddress = 127.0.0.1
}
It's up to you to decide whether this should be the default
configuration (I'd say yes). Or, you could add the lines as comments
(i.e. disabled) to the config files, so that interested parties
can easily enable/disable them...
Cheers, Uwe.
--
Uwe Hermann
http://www.hermann-uwe.de
http://www.it-services-uh.de | http://www.crazy-hacks.org
http://www.holsham-traders.de | http://www.unmaintained-free-software.org
signature.asc
Description: Digital signature
