lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sat, 9 May 2009 16:11:19 +0300
From:	Octavian Purdila <>
To:	Eric Dumazet <>
Subject: Re: ports beeing reused too fast

On Saturday 09 May 2009 09:58:25 Eric Dumazet wrote:

> > I've looked over the  code and it looks right, so maybe net_random() is
> > not random enough? Or maybe there are side effects because of the %
> > port_range?
> Random is random :)
> Probability a port can be reused pretty fast is not nul.

Thinking again about it... you are right :)

> So yes, behavior you discovered is expected, when we switched port
> selection from a sequential one (not very secure btw) to a random one.
> Any strong reason why a firewall would drop a SYN because ports were used
> in a previous session ?

We don't know why the firewall (Cisco FWSM) is dropping the packets, may be a 
bug, limitation or miss-configuration. We are trying to track this down with 
the firewall vendor.

> Previous mode can be restored by application itself, using a bind() before
> connect(), if this application knows it has a very high rate of connections
> from a particular host to a particular host. (source ports range being
> small anyway, so your firewall could complain again)

Do you mean bind() with port != 0 ? Because I am already using bind() before 


To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists