Force binding on a specific IP and/or port.
/README (95feff7ec147eefd63a0fb3adbbdc2209e42132f) (4653 bytes) (mode 100644) (type blob)
Name: force_bind
Author: Catali(ux) M. BOIE - catab at embedromix dot ro
Start date: 2010-10-26
Description: Force binding on a specific IP and/or port.
Works with both IPv4 and IPv6.
It is useful if you have a binary application without sources
and without the possibility to configure address or port to
bind to.
License: GPLv3
How it works: force_bind is a shared object that is loaded with LD_PRELOAD and hooks 'bind' function.
Forcing an IP/port to bind to is done with environments variables.
Examples:
0. Output debug stuff in a log file (for debugging):
export FORCE_NET_VERBOSE=999
export FORCE_NET_LOG="xxx.log"
your_program_here
1. Force bind to 127.0.0.1, port 33, verbose operations:
export FORCE_NET_VERBOSE=1
export FORCE_BIND_ADDRESS_V4=127.0.0.1
export FORCE_BIND_PORT_V4=33
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
2. Force binding to 127.0.0.2, port unchanged
export FORCE_BIND_ADDRESS_V4=127.0.0.2
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
3. Force binding to ::1 (IPv6), port unchanged
export FORCE_BIND_ADDRESS_V6=::1
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
4. Changing TOS on all sockets to 30
export FORCE_NET_TOS=30
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
5. Force Keep alive to 60 seconds:
export FORCE_NET_KA=60
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
6. Force MSS to 1400
export FORCE_NET_MSS=1400
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
7. Force bandwidth to 1000 bytes/s for _all_ connections, cumulated
export FORCE_NET_BW=1000
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
8. Force bandwidth to 20000 bytes/s per socket
export FORCE_NET_BW_PER_SOCKET=20000
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
scp root@machine1:/image.iso .
9. Force REUSEADDR
export FORCE_NET_REUSEADDR=1
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
10. Force NODELAY
export FORCE_NET_NODELAY=1
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
11. Force client connections (for example 'telnet', 'ssh',
'firefox') to connect from a specified address, not the auto
selected one:
export FORCE_NET_VERBOSE=1
export FORCE_BIND_ADDRESS_V4=127.0.0.2
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
12. Set a FLOWINFO (flow label + class) for a client connection:
export FORCE_NET_VERBOSE=1
export FORCE_NET_FLOWINFO=0x7812345 # class 0x78, label 0x12345
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
A tcpdump of a connection will look like:
00:00:00:00:00:00 > 00:00:00:00:00:00, ethertype IPv6 (0x86dd),
length 94: (class 0x78, flowlabel 0x12345, hlim 64, next-header TCP (6) payload length: 40)
::1.56981 > ::1.krb524: Flags [S], cksum 0x0030 (incorrect -> 0x91cf),
seq 1154252590, win 32752, options [mss 16376,sackOK,TS val 28395104 ecr 0,nop,wscale 4], length 0
13. Force FWMARK on a connection (only root is allowed):
export FORCE_NET_VERBOSE=1
export FORCE_NET_FWMARK=0x1234
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
14: Force priority (between 0 and 6 for non-root users). You can
use 'tc' command from iproute to set-up 'prio' qdisc and to
assign prio to queues:
# 0. setup
export FORCE_NET_VERBOSE=1
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
# 1. Make sure you have a 'prio' qdisc attached to eth0, for example:
tc qdisc add ev eth0 root handle 1: prio
# 2. Assign applications to classed (bands):
export FORCE_NET_PRIO=6 # interactive, band 0
your_voip_program_here
export FORCE_NET_PRIO=0 # best effort, band 1
your_mail_program_here
export FORCE_NET_PRIO=2 # bulk, band 2
your_remote_backup_program_here
# 3. Run tc statistics so you can see the classification:
tc -s class show dev eth0
15: Deny binding to any IPv4 sockets. The bind syscall
will return -1 and errno will be set to EACCES.
export FORCE_NET_VERBOSE=1
export FORCE_BIND_ADDRESS_V4=deny
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
16: Silent fake binding to any IPv6 sockets. The bind will
return success, but will never accept any connection.
export FORCE_NET_VERBOSE=1
export FORCE_BIND_ADDRESS_V6=fake
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
Installation:
- ./configure
- make
- make install
| Mode | Type | Size | Ref | File |
|---|---|---|---|---|
| 100644 | blob | 119 | 7e0257f54e1c2fc928dd03c5feba91e10fe86261 | .gitignore |
| 100644 | blob | 30 | d987fa5df957830331139935d517009e2911b0cf | INSTALL |
| 100644 | blob | 35147 | 94a9ed024d3859793618152ea559a168bbcbb5e2 | LICENSE |
| 100644 | blob | 772 | e87d60cf1b3910a7ae49f0193931313b800e5cce | Makefile.in |
| 100644 | blob | 4653 | 95feff7ec147eefd63a0fb3adbbdc2209e42132f | README |
| 100644 | blob | 1302 | 5c2fda3e1187d9716ea62996211eebeb5015c15a | TODO |
| 100755 | blob | 23 | d33bb6c4ecdce1390ce1db3c79ea3b93e22ea755 | configure |
| 100755 | blob | 13141 | 081d1c2174db44f5834f6bf6eb2cf4e805faa2d2 | duilder |
| 100644 | blob | 292 | d622c2ec22b51ef36559ff380a885afbad4a3b9e | duilder.conf |
| 100644 | blob | 25780 | 02b98b89d5009f8dc823acf4ab4ab4054c806339 | force_bind.c |
| 100644 | blob | 1077 | b7b631f28809009fd5678b4798a810e2dea822e1 | force_bind.spec.in |
| 100644 | blob | 35 | 6fa1dc02f112e09cbe388b61590c412dd1aae134 | force_bind_config.h.in |
| 100644 | blob | 1656 | 39482737be7bbbf3357a3750e79fec34dd323541 | send_udp.c |
| 100755 | blob | 198 | 69df55fb33fd2f66c8563d40f8e94c4a050d71f0 | test1.sh |
| 100755 | blob | 178 | 2d9a688355eeb88be7ab177ba95952a155c9e217 | test2.sh |
| 100755 | blob | 350 | 711d78469121dce161d13d338b0d281e0e646ef6 | test_all.sh |
| 100644 | blob | 1135 | ef564034e516db96e7e9346000e4a7917da3b82d | test_bind.c |
| 100755 | blob | 193 | 964f25f5ab76011470436d4fb8894b975e0a1cba | test_bw1.sh |
| 100755 | blob | 236 | 484f1016e84d41ad4d393b5f6f23e5cfa9071f08 | test_bw2.sh |
| 100755 | blob | 286 | 805a280956a5a00dd52f54a8803efc6776739314 | test_bw3.sh |
| 100755 | blob | 448 | 088e71224a13f412fec15399f7bd1c0701160119 | test_bw4.sh |
| 100644 | blob | 1497 | 13d4c8bfde7655151199dc0d4ba9f5acea6512e0 | test_client.c |
| 100755 | blob | 179 | 39bb823c1a0f4c32c35141422abc61a19084f384 | test_client1.sh |
| 100755 | blob | 171 | f988d1903cd9c89720fd6ea12b487a9e8189ef5d | test_client2.sh |
| 100755 | blob | 164 | 32459ed2d2194fa83f99ec724bf195c86dab8716 | test_client3.sh |
| 100755 | blob | 253 | eeea81bc7eb348714945b7a5794a21f9dd813275 | test_client6-1.sh |
| 100644 | blob | 1698 | 6b148a733dbb8f72e31b6c929e1766558ba03a95 | test_client6.c |
| 100755 | blob | 292 | a225478d8f6b8df5cbfa115192b839bbae0276cf | test_deny.sh |
| 100755 | blob | 285 | acf74df00776908d43b38b910140074668e9fc66 | test_fake.sh |
| 100755 | blob | 138 | 15e7a1b1bf39128dc737ba3df39498ad91e56044 | test_ka1.sh |
| 100755 | blob | 136 | 2f0bf21c57db70f4a61e1b4337f41a3c548d099b | test_mss1.sh |
| 100755 | blob | 144 | e9620dd6d54a12e3582d38ca4fb74861fa540b88 | test_tos1.sh |
| 100755 | blob | 246 | cdeba6d1ee85f938c06e548e3f70d07d2c6db9ff | test_udp_local_bind.sh |
Hints:
Before first commit, do not forget to setup your git environment:
Clone this repository using HTTP(S):
Clone this repository using ssh (do not forget to upload a key first):
Clone this repository using git:
You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a merge request:
Before first commit, do not forget to setup your git environment:
git config --global user.name "your_name_here"
git config --global user.email "your@email_here"
git config --global user.email "your@email_here"
Clone this repository using HTTP(S):
git clone https://rocketgit.com/user/catalinux/force_bind
Clone this repository using ssh (do not forget to upload a key first):
git clone ssh://rocketgit@ssh.rocketgit.com/user/catalinux/force_bind
Clone this repository using git:
git clone git://git.rocketgit.com/user/catalinux/force_bind
You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a merge request:
... clone the repository ...
... make some changes and some commits ...
git push origin main
... make some changes and some commits ...
git push origin main
RocketGit
Rocket your launch!
Rocket your launch!