On Mon, 2002-11-04 at 06:48, Paul Sladen wrote: > > I'm wondering how easy would it be to redirect binds and connections to > > the localhost (127.0.0.1) to the server IP address instead > > This is what happens anyway.
Oops... I meant that the loopback is still visible and usable as loopback from withing the vserver. > Jacques is currently writing code so that binding to the default address > within a vserver binds to all the IP addresses assigned to the vserver > rather than the first one (this hasn't been done before because it is a > technical pain). This would be nice ;-) > This will open up the possibility of having a local-loopback in the form of > `127.1.0.ctx' with modifications to the mangling done above so that we still > appear to be talking to `127.0.0.1'. Yes. I think this will keep software which pretends to talk to the loopback happy. So far tomcat4 is the only one I know of, but there're others for sure. Also, it would be a nice point in favor of "perceived" security of the vserver to be able to bind to a loopback too. Dave.
