SOLVED: Bind NR server to a specific IP instead of
Page 1 of 1

Author:  acetylator [ Wed Dec 02, 2015 5:09 am ]
Post subject:  SOLVED: Bind NR server to a specific IP instead of

Hello all,
I am running NeoRouter Server Free v2.4.1.4360 under Debian Jessie. I want to force NR server to bind to a specific IP address instead of When I run "netstat -lntp", I see this:
tcp        0      0   *               LISTEN      47218/nrserver

I can't figure out how to change binding address from to a different one. The reason I need to do it that my server has two IP addresses, and I need NeoRouter server to be accessible only from the certain IP address. I have searched everywhere and could not find any info. I have also tried to fiddle with Feature.ini file, changing "NicInterfaceName" parameter to the interface of the second IP address, but it didn't work (well, considering the description says that this is "Network Interface name used for getting MAC address", this is probably correct behavior).

Thank you in advance for any help/info!

Author:  acetylator [ Wed Dec 02, 2015 6:06 am ]
Post subject:  SOLVED: Bind NR server to a specific IP instead of


After some extensive googling, I have found a solution, so I am sharing it here in case anyone needs it.

This solution is actually a workaround, because (at least to my knowledge), NeoRouter Server does not support binding to a specific address - there is no such setting in its configuration. It always binds to
To use this solution, you need root access to your server and gcc compiler installed.
I have tested it on Debian Jessie - works like a charm.

We will need to build a special module (called from source. We can use this module then to force any application to bind to any specific IP address. Sounds a little bit scary, but it is actually very simple. This solution works only on IPv4, for IPv6 support you might try this (I have not tested it, though).

Step 1
Download the source code of the bind module, use one of these mirrors: or
If you have downloaded source code from the first mirror, rename "bind.c.txt" to "bind.c".

Step 2
Compile bind.c ( file will be created), and copy it to /usr/lib:
gcc -nostartfiles -fpic -shared bind.c -o -ldl -D_GNU_SOURCE
cp -i /usr/lib/

Step 3
Now we must change /etc/init.d/ file, which starts/stops NeoRouter Server service.
Open /etc/init.d/ file in you favorite text editor and find these lines:
    log_begin_msg "Starting NeoRouter connection server: $NAME"
    start-stop-daemon --start --background -m --pidfile /var/run/ --exec $DAEMON >/dev/null && log_end_msg 0 || log_end_msg 1

Change this block by adding two additional lines of code. Instead of "" use desired IP address to which NeoRouter Server should bind on start. Please note that BIND_ADDR and LD_PRELOAD variables must be set with "export" directive.
    log_begin_msg "Starting NeoRouter connection server: $NAME"
    export BIND_ADDR=""
    export LD_PRELOAD=/usr/lib/
    start-stop-daemon --start --background -m --pidfile /var/run/ --exec $DAEMON >/dev/null && log_end_msg 0 || log_end_msg 1

Step 4
Now restart NeoRouter Server and we are done:
service restart

You can verify that everything works with the following command:
netstat -lntp

If everything works, you should see something like this:
tcp        0      0*               LISTEN      4729/nrserver

For some more reading visit links below.

REFERENCES: <-- this is a similar module which seems to work with IPv6, but I have not tested it. If you try it, please share your experience!

Author:  ElTopo [ Wed Dec 02, 2015 11:17 pm ]
Post subject:  Re: SOLVED: Bind NR server to a specific IP instead of

acetylator wrote:


but you can simply use iptables to accept packets to the specific interface and drop all the others, it's much easier, see man iptables

and you might want to enable lo on the server system if you plan to run client on it.

Author:  acetylator [ Thu Dec 03, 2015 6:02 am ]
Post subject:  Re: SOLVED: Bind NR server to a specific IP instead of

Yes, you can use this, too. However, in my situation it wouldn't make much sense. My server is reachable only from limited number of ports (due to the nature of the used network infrastructure) and I have another application that must listen on the same port as NeoRouter Server. I have solved this by getting a secondary IP address (so I have two network interfaces). NeoRouter is listening on port XXX on IP, and the other application is listening on the same port XXX on IP
Probably this could be solved with iptables, too, but I find my solution easier - you compile a tiny file and change two lines of code. Besides, it's good to have such a module just for the case, since it can be used with any application. There is also one last, and the most important factor - I simply hate fiddling with iptables/routing :D

Page 1 of 1 All times are UTC - 5 hours
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group