lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 19 Jun 2015 13:39:08 -0400
From:	Trond Myklebust <trond.myklebust@...marydata.com>
To:	Steven Rostedt <rostedt@...dmis.org>
Cc:	Jeff Layton <jlayton@...chiereds.net>,
	Eric Dumazet <eric.dumazet@...il.com>,
	Anna Schumaker <anna.schumaker@...app.com>,
	Linux NFS Mailing List <linux-nfs@...r.kernel.org>,
	Linux Network Devel Mailing List <netdev@...r.kernel.org>,
	LKML <linux-kernel@...r.kernel.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Bruce James Fields <bfields@...ldses.org>
Subject: Re: [REGRESSION] NFS is creating a hidden port (left over from
 xs_bind() )

On Fri, Jun 19, 2015 at 1:17 PM, Steven Rostedt <rostedt@...dmis.org> wrote:
> On Fri, 19 Jun 2015 12:25:53 -0400
> Steven Rostedt <rostedt@...dmis.org> wrote:
>
>
>> I don't see that 55201 anywhere. But then again, I didn't look for it
>> before the port disappeared. I could reboot and look for it again. I
>> should have saved the full netstat -tapn as well :-/
>
> Of course I didn't find it anywhere, that's the port on my wife's box
> that port 947 was connected to.
>
> Now I even went over to my wife's box and ran
>
>  # rpcinfo -p localhost
>    program vers proto   port  service
>     100000    4   tcp    111  portmapper
>     100000    3   tcp    111  portmapper
>     100000    2   tcp    111  portmapper
>     100000    4   udp    111  portmapper
>     100000    3   udp    111  portmapper
>     100000    2   udp    111  portmapper
>     100024    1   udp  34243  status
>     100024    1   tcp  34498  status
>
> which doesn't show anything.
>
> but something is listening to that port...
>
>  # netstat -ntap |grep 55201
> tcp        0      0 0.0.0.0:55201           0.0.0.0:*               LISTEN


Hang on. This is on the client box while there is an active NFSv4
mount? Then that's probably the NFSv4 callback channel listening for
delegation callbacks.

Can you please try:

echo "options nfs callback_tcpport=4048" > /etc/modprobe.d/nfs-local.conf

and then either reboot the client or unload and then reload the nfs
modules before reattempting the mount. If this is indeed the callback
channel, then that will move your phantom listener to port 4048...

Cheers
   Trond
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ