How to bind services to a specified IP for chroot VPS?

Binding services to a specific IP is very important because there is only a single loopback network device, and it will normally be used to run services on the host. For a guest server, you can only bind to the virtual LAN's IP described in the previous topic.

Therefore, it is advisable for each VLAN to serve a single guest server, for easy management.

I will explain how this can be done, assuming our VLAN IP is 192.168.2.201.

SSH Daemon

Edit the file /etc/ssh/sshd_config. Locate:

#ListenAddress 0.0.0.0

replace

ListenAddress 192.168.2.201

Apache 2 web server

Debian:

Edit the file /etc/apache2/ports.conf. Locate:

Listen 80

replace

Listen 192.168.2.201:80

MySQL Server

Edit the file /etc/mysql/my.cnf. Locate:

bind-address            = 127.0.0.1

replace

bind-address            = 192.168.2.201

PostgreSQL Server

PostgreSQL 7.4

Locate file - /etc/postgresql/7.4/main/postgresql.conf

#virtual_host=''
port = 5434
#tcpip_socket = true

replace

virtual_host='192.168.2.201'
port = 5434
tcpip_socket = true

PostgreSQL 8.0 and above

Locate file - /etc/postgresql/8.3/main/postgresql.conf

#listen_addresses = 'localhost' 
port = 5434

replace

listen_addresses = '192.168.2.201' 
port = 5434

Postfix Mail Server

Locate file - /etc/postfix/master.cf

#smtp      inet  n       -       -       -       -       smtpd

replace

192.168.2.201:smtp      inet  n       -       -       -       -       smtpd

Dovecot Mail Server

Locate file - /etc/dovecot/dovecot.conf

#listen = *

replace

listen=192.168.2.201

Squid Proxy Server

Locate file - /etc/squid/squid.conf

#http_port :3128

replace

http_port 192.168.2.201:3128

Webmin

Locate file - /etc/webmin/miniserv.conf

Add this as the last line:

bind=192.168.2.201

VSFTPD FTP server

Locate file - /etc/vsftpd.conf

Add this as the last line:

listen_address=192.168.2.201

Test your configuration

Run the following command to ensure all the services are bound to the correct address:

# netstat -lnp |grep 192.168.2.201
tcp        0      0 192.168.2.201:3306      0.0.0.0:*               LISTEN      4500/mysqld
tcp        0      0 192.168.2.201:80        0.0.0.0:*               LISTEN      4374/apache2
tcp        0      0 192.168.2.201:22        0.0.0.0:*               LISTEN      4755/sshd
tcp        0      0 192.168.2.201:5434      0.0.0.0:*               LISTEN      4600/postmaster

We can also check our loopback device:

# netstat -lnp |grep 127.0.0.1
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      3487/named
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      3487/named
udp        0      0 127.0.0.1:53            0.0.0.0:*                           3487/named
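
Filtering on the guest IP only lists sockets that are already bound correctly; a service still listening on its default wildcard address does not show up in that output. As an added example (not part of the original page), the shell function below classifies every listener in `netstat -lnp` output and fails when any of them is bound to all addresses. The names `audit_binds` and `sample_netstat` and the vsftpd sample line are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify listeners from `netstat -lnp` output read on stdin.
#   GUEST    = bound to the guest VLAN IP (what this page configures)
#   WILDCARD = bound to every address (0.0.0.0, ::, *), bind setting not applied
#   OTHER    = bound to some other address, e.g. the host's loopback
# Returns 1 if at least one WILDCARD listener is present, 0 otherwise.
audit_binds() {
    awk -v ip="$1" '
        $1 !~ /^(tcp|udp)/ { next }              # skip headers and UNIX sockets
        $1 ~ /^tcp/ && $6 != "LISTEN" { next }   # TCP: listening sockets only
        {
            port = $4; sub(/.*:/, "", port)      # text after the last colon
            addr = substr($4, 1, length($4) - length(port) - 1)
            prog = ($1 ~ /^tcp/) ? $7 : $6       # UDP rows have no State column
            if (addr == ip) status = "GUEST"
            else if (addr == "0.0.0.0" || addr == "::" || addr == "*") {
                status = "WILDCARD"; bad = 1
            } else status = "OTHER"
            print status, $1, addr, port, prog
        }
        END { exit bad }
    '
}

# Constructed sample: listeners from this page plus one service left on its default.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 192.168.2.201:3306      0.0.0.0:*               LISTEN      4500/mysqld
tcp        0      0 192.168.2.201:22        0.0.0.0:*               LISTEN      4755/sshd
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      4810/vsftpd
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      3487/named
udp        0      0 127.0.0.1:53            0.0.0.0:*                           3487/named
EOF
}

# Live use (as root, so program names are shown): netstat -lnp | audit_binds 192.168.2.201
sample_netstat | audit_binds 192.168.2.201 || echo "wildcard listener found"
```
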