listen only on specific IP address

[cyayon]

Could it be possible to only listen on a specified IP address (like tcp port parameter) ?

thanks.

[ktsaou]

netdata needs some work in order to:

1. Accept one or more IPv4 and/or IPv6 IP:PORT pairs to listen to.
2. Possibly limit its access to specific clients (IPs, subnets).

These are not in my priority list (I have to spend some time learning how to do them properly).

If however, you (or anyone else) can provide a pull request, I'll be glad to merge it.

For the moment, you can limit it with a firewall / iptables statements. If you need such iptables statements, I can provide these to you.

[cyayon]

Ok, thanks for your answer, it was just a suggestion ...
At the moment, i use iptables rule too.

I am not a good C programmer, but perhaps, i could try to submit you a patch to limit listening on an Ip address (at least IPv4).

[jameshhx]

I've been able to limit the address upon which at least the IPv4 server listens upon, by editing src/web_server.c, to name.sin_addr.s_addr = htonl (INADDR_LOOPBACK);.

I'll do some tinkering over the next few days, and see if I can get a PR in for this.

[ktsaou]

Perfect!

[herrernst]

If your host has IPv6, you probably also have to change in6addr_any to in6addr_loopback.

[ktsaou]

Just added this feature.
a44f489

Please test.
The configuration file now has the option bind socket to IP in section [global].

[herrernst]

Works for my (I specify 127.0.0.1 and it only listens on this). You just can't listen on localhost4 and localhost6 at the same time, but that doesn't matter for me.
Thank you!

[ktsaou]

I think that when you listen on ::1 it also listens on 127.0.0.1.
But no the other way around.

At least on my tests...

[herrernst]

You're right, thanks!

[ktsaou]

ok, I close this.