/README (68d1b9fb85fc32cb9b631a88e5dc96b4015452af) (4758 bytes) (mode 100644) (type blob)
Name: force_bind
Author: Catalin(ux) M. BOIE - catab at embedromix dot ro
Start date: 2010-10-26
Description: Force binding on a specific IP and/or port.
Plus forcing setsockopt calls on the socket.
Works with both IPv4 and IPv6.
It is useful if you have a binary application without sources
and without the possibility to configure address or port to
bind to.
License: GPLv3
How it works: force_bind is a shared object that is loaded with LD_PRELOAD and hooks 'bind' function.
Forcing an IP/port to bind to is done with environments variables.
Examples:
0. Output debug stuff in a log file (for debugging):
export FORCE_NET_VERBOSE=999
export FORCE_NET_LOG="xxx.log"
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
1. Force bind to 127.0.0.1, port 33, verbose operations:
export FORCE_NET_VERBOSE=1
export FORCE_BIND_ADDRESS_V4=127.0.0.1
export FORCE_BIND_PORT_V4=33
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
2. Force binding to 127.0.0.2, port unchanged
export FORCE_BIND_ADDRESS_V4=127.0.0.2
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
3. Force binding to ::1 (IPv6), port unchanged
export FORCE_BIND_ADDRESS_V6=::1
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
4. Changing TOS on all sockets to 30
export FORCE_NET_TOS=30
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
5. Force Keep alive to 60 seconds:
export FORCE_NET_KA=60
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
6. Force MSS to 1400
export FORCE_NET_MSS=1400
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
7. Force bandwidth to 1000 bytes/s for _all_ connections, cumulated
export FORCE_NET_BW=1000
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
8. Force bandwidth to 20000 bytes/s per socket
export FORCE_NET_BW_PER_SOCKET=20000
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
scp root@machine1:/image.iso .
9. Force REUSEADDR
export FORCE_NET_REUSEADDR=1
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
10. Force NODELAY
export FORCE_NET_NODELAY=1
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
11. Force client connections (for example 'telnet', 'ssh',
'firefox') to connect from a specified address, not the auto
selected one:
export FORCE_NET_VERBOSE=1
export FORCE_BIND_ADDRESS_V4=127.0.0.2
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
12. Set a FLOWINFO (flow label + class) for a client connection:
export FORCE_NET_VERBOSE=1
export FORCE_NET_FLOWINFO=0x7812345 # class 0x78, label 0x12345
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
A tcpdump of a connection will look like:
00:00:00:00:00:00 > 00:00:00:00:00:00, ethertype IPv6 (0x86dd),
length 94: (class 0x78, flowlabel 0x12345, hlim 64, next-header TCP (6) payload length: 40)
::1.56981 > ::1.krb524: Flags [S], cksum 0x0030 (incorrect -> 0x91cf),
seq 1154252590, win 32752, options [mss 16376,sackOK,TS val 28395104 ecr 0,nop,wscale 4], length 0
13. Force FWMARK on a connection (only root can do it):
export FORCE_NET_VERBOSE=1
export FORCE_NET_FWMARK=0x1234
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
14: Force priority (between 0 and 6 for non-root users). You can
use 'tc' command from iproute to set-up 'prio' qdisc and to
assign prio to queues:
# 0. setup
export FORCE_NET_VERBOSE=1
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
# 1. Make sure you have a 'prio' qdisc attached to eth0, for example:
tc qdisc add dev eth0 root handle 1: prio
# 2. Assign applications to classed (bands):
export FORCE_NET_PRIO=6 # interactive, band 0
your_voip_program_here
export FORCE_NET_PRIO=0 # best effort, band 1
your_mail_program_here
export FORCE_NET_PRIO=2 # bulk, band 2
your_remote_backup_program_here
# 3. Run tc statistics so you can see the classification:
tc -s class show dev eth0
15: Deny binding to any IPv4 sockets. The bind syscall
will return -1 and errno will be set to EACCES.
export FORCE_NET_VERBOSE=1
export FORCE_BIND_ADDRESS_V4=deny
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
16: Silent fake binding to any IPv6 sockets. The bind will
return success, but will never accept any connection.
export FORCE_NET_VERBOSE=1
export FORCE_BIND_ADDRESS_V6=fake
export LD_PRELOAD=${LD_PRELOAD}:/usr/lib/force_bind.so
your_program_here
Installation:
- ./configure
- make
- make install
Mode |
Type |
Size |
Ref |
File |
100644 |
blob |
140 |
35830e127b44696a7248171faab4378de2a69c7e |
.gitignore |
100644 |
blob |
30 |
d987fa5df957830331139935d517009e2911b0cf |
INSTALL |
100644 |
blob |
35147 |
94a9ed024d3859793618152ea559a168bbcbb5e2 |
LICENSE |
100644 |
blob |
1281 |
142271e4f639e10e70fcc74a47666d750290bdfa |
Makefile.in |
100644 |
blob |
4758 |
68d1b9fb85fc32cb9b631a88e5dc96b4015452af |
README |
100644 |
blob |
1690 |
c1e2ed80cb60389cac0201fdbde5c42deaa028b6 |
TODO |
100755 |
blob |
30 |
92c4bc48245c00408cd7e1fd89bc1a03058f4ce4 |
configure |
100755 |
blob |
16967 |
e058c68e85b03661803926184406b16fe0b0e089 |
duilder |
100644 |
blob |
292 |
c20881a3719cdaba1a9ca8a049ee04445a81d0f6 |
duilder.conf |
100644 |
blob |
28694 |
08980e926cbf99a201910684350f22ee0ad95700 |
force_bind.c |
100644 |
blob |
1190 |
9ff243feb33534f55026c5e8ad26d57df2659059 |
force_bind.spec.in |
100644 |
blob |
35 |
6fa1dc02f112e09cbe388b61590c412dd1aae134 |
force_bind_config.h.in |
100644 |
blob |
1656 |
39482737be7bbbf3357a3750e79fec34dd323541 |
send_udp.c |
100755 |
blob |
198 |
69df55fb33fd2f66c8563d40f8e94c4a050d71f0 |
test1.sh |
100755 |
blob |
178 |
2d9a688355eeb88be7ab177ba95952a155c9e217 |
test2.sh |
100755 |
blob |
350 |
711d78469121dce161d13d338b0d281e0e646ef6 |
test_all.sh |
100644 |
blob |
1138 |
504ddf640ca53898c0d147b17cc70860c0290e61 |
test_bind.c |
100644 |
blob |
1382 |
f874e2199e08c65be67223c47373071d0e483e72 |
test_bind6.c |
100755 |
blob |
305 |
7f1903c485612a1bd82535e406afb842a9e60755 |
test_bind6.sh |
100755 |
blob |
193 |
964f25f5ab76011470436d4fb8894b975e0a1cba |
test_bw1.sh |
100755 |
blob |
236 |
484f1016e84d41ad4d393b5f6f23e5cfa9071f08 |
test_bw2.sh |
100755 |
blob |
286 |
805a280956a5a00dd52f54a8803efc6776739314 |
test_bw3.sh |
100755 |
blob |
448 |
088e71224a13f412fec15399f7bd1c0701160119 |
test_bw4.sh |
100644 |
blob |
1497 |
13d4c8bfde7655151199dc0d4ba9f5acea6512e0 |
test_client.c |
100755 |
blob |
179 |
39bb823c1a0f4c32c35141422abc61a19084f384 |
test_client1.sh |
100755 |
blob |
171 |
f988d1903cd9c89720fd6ea12b487a9e8189ef5d |
test_client2.sh |
100755 |
blob |
164 |
32459ed2d2194fa83f99ec724bf195c86dab8716 |
test_client3.sh |
100755 |
blob |
253 |
eeea81bc7eb348714945b7a5794a21f9dd813275 |
test_client6-1.sh |
100644 |
blob |
1698 |
6b148a733dbb8f72e31b6c929e1766558ba03a95 |
test_client6.c |
100755 |
blob |
292 |
a225478d8f6b8df5cbfa115192b839bbae0276cf |
test_deny.sh |
100755 |
blob |
285 |
acf74df00776908d43b38b910140074668e9fc66 |
test_fake.sh |
100755 |
blob |
138 |
15e7a1b1bf39128dc737ba3df39498ad91e56044 |
test_ka1.sh |
100755 |
blob |
136 |
2f0bf21c57db70f4a61e1b4337f41a3c548d099b |
test_mss1.sh |
100644 |
blob |
488 |
0e31b618fc9df7f831e9396a8614a40e791d689d |
test_poll.c |
100755 |
blob |
292 |
c76f4237565a9b4012eb1129cb0ac4bc9e608829 |
test_poll.sh |
100755 |
blob |
144 |
e9620dd6d54a12e3582d38ca4fb74861fa540b88 |
test_tos1.sh |
100755 |
blob |
246 |
cdeba6d1ee85f938c06e548e3f70d07d2c6db9ff |
test_udp_local_bind.sh |
Hints:
Before first commit, do not forget to setup your git environment:
git config --global user.name "your_name_here"
git config --global user.email "your@email_here"
Clone this repository using HTTP(S):
git clone https://rocketgit.com/user/catalinux/force_bind
Clone this repository using ssh (do not forget to upload a key first):
git clone ssh://rocketgit@ssh.rocketgit.com/user/catalinux/force_bind
Clone this repository using git:
git clone git://git.rocketgit.com/user/catalinux/force_bind
You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a
merge request:
... clone the repository ...
... make some changes and some commits ...
git push origin main