1592971225 M * Bertl_oO off to bed now ... have a good one everyone! 1592971227 N * Bertl_oO Bertl_zZ 1592979201 J * Ghislain ~ghislain@adsl2.aqueos.com 1592979340 Q * Ghislain 1592979418 J * Ghislain ~ghislain@adsl2.aqueos.com 1592993651 N * Bertl_zZ Bertl 1592993654 M * Bertl morning folks! 1593001765 Q * AlexanderS Ping timeout: 480 seconds 1593002342 J * AlexanderS ~Alexander@home.zedat.fu-berlin.de 1593003326 J * tinga ~tinga@2001:1a88:1a2:8a00:a9d4:d496:9b4:5e4b 1593004169 M * tinga Hi. I remember there is/was a tool as part of linux-vserver that allows you to define for its children which IP should be used (by default, or only). 1593004191 M * tinga For binding outgoing TCP (and UDP?) connections. 1593004227 M * tinga What was the name of this tool? Not using linux-vserver anymore but could use it outside it. 1593004314 M * Bertl hey, you are most likely referring to the ip isolation 1593004335 M * Bertl note that this only works on a Linux-VServer patched kernel though 1593004390 M * tinga Ah. 1593004451 M * tinga I wonder how difficult it was to implement. I've been discussing to people in #debian and been told that "it's not as simple as you think". 1593004488 M * Bertl well, depends on what you want to do :) 1593004517 M * Bertl basically you need to tie a structure to each process to record the ip 1593004534 M * tinga I want to use the Linux use_tempaddr feature to get randomized ipv6 addresses; if I set use_tempaddr to 2 processes use the temporary addrss by default, good, but there are some processes that aren't private anyway like IRC or ssh, 1593004538 M * Bertl this is simpler nowadays as there are already 'namespaces' attached to each process 1593004545 M * tinga and I want to set those to use another IP. So I was thinking of this. 1593004562 M * tinga I thought you can only use namespaces as root. 1593004595 M * tinga Maybe I should study those in detail, finally. 1593004642 M * tinga (https://unix.stackexchange.com/questions/210982/bind-unix-program-to-specific-network-interface seems to suggest it's root only, but I don't understand what's going on in detail.) 1593004698 M * Bertl namespaces have permission 1593004731 M * Bertl but it doesn't need to be an actual namespace 1593004743 M * Bertl the important part is that it is attributed to each process 1593004793 M * Bertl then, when a bind happens, you check it against that ip address and in case of a 'bind all' you replace that bind with the ip 1593004949 M * tinga I'll try to find some good docs on the namespacing feature and study it some time. I don't have the time today for that rabbit hole so I'm going back to important stuff. Thanks for the explanation! 1593005552 M * Bertl you're welcome! 1593022900 M * Bertl off for now ... bbl 1593022905 N * Bertl Bertl_oO 1593029532 J * fstd_ ~fstd@xdsl-87-78-60-42.nc.de 1593029803 Q * Ghislain Quit: Leaving. 1593029998 Q * fstd Ping timeout: 480 seconds 1593031063 J * hijacker ~nikolay@external.oldum.net 1593031352 Q * hijacker 1593031371 J * hijacker ~nikolay@external.oldum.net 1593032101 M * Bertl_oO off to bed now ... have a good one everyone! 1593032103 N * Bertl_oO Bertl_zZ 1593037632 Q * hijacker 1593037704 J * hijacker ~nikolay@external.oldum.net 1593038498 Q * hijacker 1593038519 J * hijacker ~nikolay@external.oldum.net 1593038527 Q * hijacker 1593038555 J * hijacker ~nikolay@external.oldum.net 1593039125 Q * hijacker 1593039144 J * hijacker ~nikolay@external.oldum.net 1593039539 Q * hijacker 1593039558 J * hijacker ~nikolay@external.oldum.net 1593041048 Q * hijacker 1593041337 J * hijacker ~nikolay@external.oldum.net 1593041696 Q * _Shiva_ Remote host closed the connection