mgr

Really want to be able to bind to particular IPs/interfaces for the application (similar to the way the webUI for linux works, except for all application operations/listening ports). See http://forum.bittorrent.com/topic/23938-binding-to-particular-interfacesips/ for more information.

I'm seeing the same thing in my testing - Relay Servers, Trackers, and DHT all turned off, yet this beaconing home is happening constantly (it's a ping-pong of network traffic - haven't tried looking at the content, just saw the packets bouncing back and forth)

Oh, I haven't reverse engineered the application or network protocol as of yet and really don't have any intention to do so - just trying to make sure it fits our security requirements prior to using it for anything of value. Dumping the strings from the binary to see if there are hidden/undocumented configuration file parameters is far from reverse engineering (I'll break out either GDB or IdaPro if I'm going to do that....which I'm not . Thanks for the pointer, I'll make the suggestion on the Wishlist though. As for disabling the network interfaces, that is not a viable option if you are talking about VPNs where you want the application to use the VPN tunnel, but not the native interface (ie, tunnel over ppp0 rather than talking out eth0). Lastly, the "specific IPs" option does seem like it may do the trick if there are no DHCP addresses involved (although one could have a central server on a static IP that everyone else knows how to get to via "specific IPs" if the clients coming in over VPN are DHCP'ed). In testing that, I have seen other troubling network traffic (like, who/what is "usyncapp.com" and why is traffic transiting there even when all relay/tracker/dht/search-lan options are turned off??!?)

Looking to see if this is possible (some poking around hasn't turned up anything yet including dumping the strings from the binaries - would like to constrain the application to only bind on certain interfaces (in addition to the certain ports already offered from the configuration file). Either specifying the interfaces by name (eth0/en0/etc) or by IP (10.0.0.1). Ideally, I would like to lock it down to the point where the application can communicate ONLY on specified IPs so we can use it in a corporate environment with remote VPNs (private IP space) and not have to worry about random listening ports that can be probed/hacked or the prospect of randomly hitting firewalls (or having to put firewall rules in place to prevent accidental transfers over the internet). Ideally an option like "listen_port" but include "listen_ip" or "listen_interface" and bind to that instead of INADDR_ANY (0.0.0.0). Is this possible already and I'm just missing it, or is it feasible to have added (from a coding perspective, it should be trivial). Thoughts?