Please, Let Me Choose The Binding Address

When a program is listening for new TCP connections, it needs to choose which ip address and port to listen on. While the port option is pretty easy to understand1, people give less thought to the address they use. Why is that?

Usually programs bind to one of two addresses: to listen on the loopback interface or to listen on all interfaces. While those are the most common options, some people have more complex setup that won’t fall in one of those two options. For example, Google Chrome will only let you expose its CDP port to the loopback interface, which make sense for most people but not if you want to expose it remotely. The other option is also not always nice to have. Beside security risks of listening on all interfaces, sometimes you might have different interfaces for different services and listening on will cause a port collision.


If you need to forward ports from the loopback interface to another interface, you can use socat(1). socat(1) is a great program that will forward almost any type of socket to almost any type of socket. Sadly it requires another running process but it fixes the problem of loopback only programs without patching the program itself.

  1. Beside the surprising zero port maybe ↩︎