how to bind an application to specific ip

Hello Dear Everyone.

Have you Gurus perhaps got an idea how to bind a particular application/program to specific IP address on solaris box?

Assume there is a server with two NICs with distinct IPs, I install an application (could be a backup sowftware client) and would like to tell to the application:
"please bind to this-and-this IP, and leave the other one intact"

So when typing netstat -an I'd see that application bound to specified IP, not 0.0.0.0 (all IPs).

Sample usage could be: backup software client that should bind and listen to requests on backup-LAN only. There is no point allowing for backup/restore requests over production LAN, especially backup softwares usually are not strong in client/server authentications and spoofing is fairly simple.

This is normally done by the application itself which has to support it, not externally although a dtrace script might do the trick.

how can dtrace do something like this?

Dtrace can patch calls on the fly in the so called "destructive mode". That would be a hack but probably an easy one.

thinking more about it ... tcp wrappers could be used to achieve the same final result, however different way. the sofware would still bound to all available IPs but communicationt would be filtered.

Dtrace path sounds too ,,hidden'' to me. I prefer solutions that can be clearly seen and tracked down, even when you ,,forgot'' to document them immediately after configuring

But Dtrace solution looks like great dtrace coding excersise.

Like everyone said, it depends on the application.

But here are two ideas:

• Just firewall the connections you don't want to allow. Even better, firewall everything and just allow what you want.
• Or, you could create a zone in Solaris that uses the second NIC. Then launch your app there.

Thank you Everyone for feedback and valuable suggestions!