[erlang-questions] Restrict epmd to one IP address?
nindeu@REDACTED
nindeu@REDACTED
Wed Oct 31 03:28:06 CET 2007
> > Just searched a while for an option to bind epmd to a specific IP
> address. On my system it binds to all available IP addresses. Hmm, nothing so
> far. Do I really have to install a firewall because of epmd?
> >
> > How do you deal with epmd? Any better options?
> Mssrs. Google liked the following search request
>
> erlang min max epmd
>
> providing me http://thefactoryfactory.com/wordpress/?p=319 as the
> third link.
Hi Michael,
thank's for your answer! Undocumented kernel parameters - very interesting!
But it does not really solve the problem I have. inet_dist_listen_min and inet_dist_listen_max seem to limit the dynamic port range opened by erlang for incomming connections. Very usefull if you need to access Erlang through a firewall.
But what I need most is a way to make epmd listen on only a specified IP address on a server with more than one. Currently it listens on 0.0.0.0:4369 which means it listens on all configured interfaces. BTW: with the described parameters you cannot change the portmappers 4369 port.
Corporate security policies might very well forbid to open ports on interfaces which you do not need. Why should epmd listen on a LAN only used for drawing backups? And the typical security manager might also go nuts if I suggest to install firewalls on internal servers just because we cannot stop one process from listening on the wrong interfaces. I am currently dealing with such a situation.
But your link was interesting. I searched the kernel sources for these parameters and found another undocumented one: inet_dist_use_interface. After browsing through inet_tcp_dist.erl it turned out that it works in combination with the two mentioned parameters. So you can let Erlang only listen on a specific IP address/port range by using: erl -sname test -kernel inet_dist_listen_min 4001 inet_dist_listen_max 4001 inet_dist_use_interface "{135,13,164,12}"
Good to know. But still, epmd listens on 0.0.0.0:4369. Any other suggestions?
Regards,
Eric
--
GMX FreeMail: 1 GB Postfach, 5 E-Mail-Adressen, 10 Free SMS.
Alle Infos und kostenlose Anmeldung: http://www.gmx.net/de/go/freemail
More information about the erlang-questions
mailing list