Cannot connect when using BindAddress

Jookia 166291 at gmail.com
Sun Nov 18 00:28:45 CET 2018


On Sat, Nov 17, 2018 at 11:20:47PM +0000, Jonny Tyers wrote:
> I want tinc to listen locally on loopback, so that port 655 is not
> exposed on any system interfaces. Can't tinc make outbound connections
> when listening on loopback? I can't see any reason why it should. This
> system will never have other tinc daemons connect to it, it will only
> ever connect to other tinc daemons in order to establish a VPN
> connection.
> 
> --
> Jonny Tyers

Binding to loopback means you can make any outbound or inbound
connections you'd like - on loopback. Since loopback doesn't route to the
Internet, there's no way to make outbound connections.

Why are you worried about exposing port 655 on any system interfaces?
You should be using a firewall to make it not exposed externally.
If you're worried about it being exposed internally, loopback has the
same issue, as any user or application can connect to it.

Jookia.
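
The two points in the reply above, shown at the socket level as an added example (not part of the original message and not tinc code). It assumes the daemon uses the bound address as the source of its outgoing sockets; the peer address 192.0.2.1 is a constructed placeholder from the RFC 5737 documentation range, and the function names are hypothetical.

```python
import socket

LOOPBACK = "127.0.0.1"
# Constructed peer: 192.0.2.1 is TEST-NET-1 (RFC 5737); 655 is the port named in the thread.
NON_LOOPBACK_PEER = ("192.0.2.1", 655)


def outbound_from_loopback(peer=NON_LOOPBACK_PEER, timeout=2.0):
    """Bind the source address to loopback, then try to reach a non-loopback peer.

    Returns (connected, error). On Linux the connect() is normally rejected at
    once (EINVAL or ENETUNREACH); elsewhere it may simply time out.
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.bind((LOOPBACK, 0))   # source address pinned to 127.0.0.1
        s.connect(peer)         # destination is not on loopback
        return True, None
    except OSError as exc:
        return False, exc
    finally:
        s.close()


def local_client_reaches_loopback_listener(timeout=2.0):
    """A listener on 127.0.0.1 accepts connections from any local socket.

    A second socket in this process stands in for another local user or
    application. Returns True if the listener accepted it.
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    cli = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.settimeout(timeout)
    cli.settimeout(timeout)
    try:
        srv.bind((LOOPBACK, 0))
        srv.listen(1)
        cli.connect((LOOPBACK, srv.getsockname()[1]))
        conn, addr = srv.accept()
        conn.close()
        return addr[0] == LOOPBACK
    finally:
        cli.close()
        srv.close()


if __name__ == "__main__":
    print("outbound from loopback-bound socket:", outbound_from_loopback())
    print("local client reached loopback listener:", local_client_reaches_loopback_listener())
```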

