Under FreeBSD 5.0-RELEASE running ruby 1.6.8, the following code:
···
require ‘socket’
server = TCPServer.new(9999)
client = server.accept
only seems to bind to port 9999 on ipv6 interfaces.
% netstat -an | grep 9999
tcp6 0 0 *.9999 . LISTEN
%
It works, however, when I specify a host to bind to. It only fails when
trying to use INADDR_ANY…
I cannot tell for sure whether this is due to changes in FreeBSD, ruby, or
a combination of both. However, my guess would be ruby since I have many
daemons binding to INADDR_ANY and running fine. Is anyone else running BSD
(or perhaps other OS’) with IPv6 support still in the kernel able to
duplicate this problem?
Thanks in advance,
-JD-
What addresses does ruby claim to be listening on? I don’t believe the
IPv6 stuff is significantly different than -STABLE’s.
$ ruby -r socket -e “p TCPServer.new(9999).peeraddr”
[“AF_INET6”, 9999, “::ffff:0.0.0.0”, “::ffff:0.0.0.0”]
This is on STABLE, if I get a chance I’ll fire up my CURRENT box
tonight.
···
Jason DiCioccio (geniusj@bluenugget.net) wrote:
Under FreeBSD 5.0-RELEASE running ruby 1.6.8, the following code:
require ‘socket’
server = TCPServer.new(9999)
client = server.accept
only seems to bind to port 9999 on ipv6 interfaces.
% netstat -an | grep 9999
tcp6 0 0 *.9999 . LISTEN
%
It works, however, when I specify a host to bind to. It only fails when
trying to use INADDR_ANY…
I cannot tell for sure whether this is due to changes in FreeBSD, ruby, or
a combination of both. However, my guess would be ruby since I have many
daemons binding to INADDR_ANY and running fine. Is anyone else running BSD
(or perhaps other OS’) with IPv6 support still in the kernel able to
duplicate this problem?
–
Eric Hodel - drbrain@segment7.net - http://segment7.net
All messages signed with fingerprint:
FEC2 57F1 D465 EB15 5D6E 7C11 332A 551C 796C 9F04
You no doubt have sysctl net.inet6.ip6.v6only = 1
BEWARE THE SECURITY CONSEQUENCES OF CHANGING THIS TO 0
By changing it to ‘0’, you will be able to listen on both tcp4 and tcp6
···
Jason DiCioccio (geniusj@bluenugget.net) wrote:
Under FreeBSD 5.0-RELEASE running ruby 1.6.8, the following code:
require ‘socket’
server = TCPServer.new(9999)
client = server.accept
only seems to bind to port 9999 on ipv6 interfaces.
% netstat -an | grep 9999
tcp6 0 0 *.9999 . LISTEN
%
It works, however, when I specify a host to bind to. It only fails when
trying to use INADDR_ANY…
I cannot tell for sure whether this is due to changes in FreeBSD, ruby, or
a combination of both. However, my guess would be ruby since I have many
daemons binding to INADDR_ANY and running fine. Is anyone else running BSD
(or perhaps other OS’) with IPv6 support still in the kernel able to
duplicate this problem?
–
Eric Hodel - drbrain@segment7.net - http://segment7.net
All messages signed with fingerprint:
FEC2 57F1 D465 EB15 5D6E 7C11 332A 551C 796C 9F04
That’d do it… So there’s no INADDR_ANY for IPv4 unless you compile
without INET6 then I’m guessing?
Thanks!
-JD-
···
–On Thursday, January 23, 2003 15:58 +0900 Eric Hodel drbrain@segment7.net wrote:
You no doubt have sysctl net.inet6.ip6.v6only = 1
BEWARE THE SECURITY CONSEQUENCES OF CHANGING THIS TO 0
By changing it to ‘0’, you will be able to listen on both tcp4 and tcp6
–
Jason DiCioccio - jd@bluenugget.net - Useless .sig
Open Domain Service - geniusj@ods.org - http://www.ods.org/
Ruby - jd@ruby-lang.org - http://www.ruby-lang.org/
PGP Fingerprint - C442 04E2 26B0 3809 8357 96AB D350 9596 0436 7C08
The correct solution is to listen on multiple socket types
TCPServer.new(‘127.0.0.1’, my_port)
TCPServer.new(‘::1’, my_port)
WEBrick works this way, and it far more secure than setting that sysctl
···
Jason DiCioccio (geniusj@bluenugget.net) wrote:
–On Thursday, January 23, 2003 15:58 +0900 Eric Hodel > drbrain@segment7.net wrote:
You no doubt have sysctl net.inet6.ip6.v6only = 1
BEWARE THE SECURITY CONSEQUENCES OF CHANGING THIS TO 0
By changing it to ‘0’, you will be able to listen on both tcp4 and tcp6
That’d do it… So there’s no INADDR_ANY for IPv4 unless you compile
without INET6 then I’m guessing?
–
Eric Hodel - drbrain@segment7.net - http://segment7.net
All messages signed with fingerprint:
FEC2 57F1 D465 EB15 5D6E 7C11 332A 551C 796C 9F04