Snippets:TCP wrapper based on server IP

int main() {
    struct sockaddr_in6 addr = {0};
    socklen_t length = sizeof(struct sockaddr_in6);
    if (getsockname(STDIN_FILENO, &addr, &length) || addr.sin6_family != AF_INET6) {
        return 1;
    }
    if (!memcmp(addr.sin6_addr, "&\2\10\6\240\3\4\16\377", 9)) { // If server IP is in 2602:806:a003:40e:ff00::/72
        if (!memcmp(&addr.sin6_addr.s6_addr[9], "\0\1\0!!!!", 7)) { // If server IP == 2602:806:a003:40e:ff00:100:2121:2121
            if (addr.sin6_port == htons(22)) {
                execvp("/usr/sbin/sshd", (char*[]) {"/usr/sbin/sshd", "-i"});
            } else if (addr.sin6_port == htons(25)) {
                execvp("/usr/sbin/exim", (char*[]) {"/usr/sbin/exim", "-bs"});
            } else if (addr.sin6_port == htons(21)) {
                execvp("/usr/sbin/vsftpd", (char*[]) {"/usr/sbin/vsftpd", "-olisten=NO"});
            }
        } else if (addr.sin6_addr.s6_addr32[2] == htonl(0xff155000)) { // If server IP is in 2602:806:a003:40e:ff15:5000::/96
            if (addr.sin6_port == htons(25)) {
                switch(ntohl(addr.sin6_addr.s6_addr32[3])) {
                    case 0x1:
                        // If server IP == 2602:806:a003:40e:ff15:5000:0:1, set OPTION1 to VALUE1
                        execvp("/usr/sbin/exim", (char*[]) {"/usr/sbin/exim", "-bs", "-oOPTION1=VALUE1"});
                        break;
                    case 0x2:
                        // If server IP == 2602:806:a003:40e:ff15:5000:0:2, set OPTION1 to VALUE2
                        execvp("/usr/sbin/exim", (char*[]) {"/usr/sbin/exim", "-bs", "-oOPTION1=VALUE2"});
                        break;
                    case 0x3:
                        execvp("/usr/sbin/exim", (char*[]) {"/usr/sbin/exim", "-bs", "-oOPTION1=VALUE3"}); // and so on.
                        break;
                }
            }
        }
    }
    return 1;
}

The beauty of this technique is that it is possible to set certain server options based on the IP address.

In the case of the mail server on 2602:806:a003:40e:ff15:5000::/96, one could have one DNS name pointing to 2602:806:a003:40e:ff15:5000:0:1 (let's call it one.example) and another to 2602:806:a003:40e:ff15:5000:0:2 (let's call it two.example). If a customer wanted to set OPTION1 to VALUE1 for their email server, they would use an MX record of one.example. If a customer wanted to set OPTION1 to VALUE2, they would use two.example as their MX record.

By letting the IPv6 address select option bits, we have basically made it possible for end customers to customize their mail server preferences just based on the IP address that the customer chooses. For example, the SMTP banner could be customized to match a custom domain, and it would not interfere with any other customers of that service.