Message-Id: <201002201557.04427.opurdila@ixiacom.com>
Date: Sat, 20 Feb 2010 15:57:04 +0200
From: Octavian Purdila <opurdila@...acom.com>
To: Cong Wang <amwang@...hat.com>
Cc: David Miller <davem@...emloft.net>,
    Linux Kernel Network Developers <netdev@...r.kernel.org>,
    Linux Kernel Developers <linux-kernel@...r.kernel.org>,
    Neil Horman <nhorman@...driver.com>,
    Eric Dumazet <eric.dumazet@...il.com>,
    "Eric W. Biederman" <ebiederm@...ssion.com>
Subject: Re: [net-next PATCH v5 0/3] net: reserve ports for applications using fixed port numbers

On Saturday 20 February 2010 10:11:40 you wrote:
> Octavian Purdila wrote:
> > This patch introduces /proc/sys/net/ipv4/ip_local_reserved_ports which
> > allows users to reserve ports for third-party applications.
> >
> > The reserved ports will not be used by automatic port assignments
> > (e.g. when calling connect() or bind() with port number 0). Explicit
> > port allocation behavior is unchanged.
> >
> > Changes from the previous version:
> > - switch the /proc entry format to comma separated list of range ports
> > - treat -EFAULT just like any other error and acknowledge written values
> > - use isdigit() in proc_get_ulong
> >
> > Octavian Purdila (3):
> >   sysctl: refactor integer handling proc code
> >   sysctl: add proc_do_large_bitmap
> >   net: reserve ports for applications using fixed port numbers
>
> Hi,
>
> This version looks fine for me, but I need to give them a test, and
> I will put feedbacks asap. Thanks for your work!
>
> Still two things:
>
> 1) bitops are always atomic on every arch, right? If yes, then ok.

AFAIK, yes.

> 2) I hope you could add some documentation to show the relations
> between ip_local_port_range and ip_local_reserved_ports.
>

How does this sound:

ip_local_reserved_ports - list of comma separated ranges
	Specify the ports which are reserved for known third-party
	applications. These ports will not be used by automatic port
	assignments (e.g. when calling connect() or bind() with port
	number 0). Explicit port allocation behavior is unchanged.

	The format used for both input and output is a comma separated
	list of ranges (e.g. "1,2-4,10-10" for ports 1, 2, 3, 4 and
	10). Writing to the file will clear all previously reserved
	ports and update the current list with the one given in the
	input.

	Note that ip_local_port_range and ip_local_port_range
	settings are independent and both are considered by the kernel
	when determining which ports are available for automatic port
	assignments.

	You can reserve ports which are not in the current
	ip_local_port_range, e.g.:

	$ cat /proc/sys/net/ipv4/ip_local_port_range
	32000 61000
	$ cat /proc/sys/net/ipv4/ip_local_reserved_ports
	8080,9148

	although this is redundant. However such a setting is useful
	if later the port range is changed to a value that will
	include the reserved ports.
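
The following is an added example, not part of the original message or the patch: a small POSIX shell check that parses the comma separated range format described above and lists which fixed service ports automatic assignment could still hand out for a given ip_local_port_range. The function names, the service port 8443 and the second port range are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the patch). Values below are constructed samples;
# on a live system read them from /proc/sys/net/ipv4/ip_local_port_range
# and /proc/sys/net/ipv4/ip_local_reserved_ports instead.

# port_in_list PORT LIST: succeed if PORT falls in the comma separated
# list of ranges LIST, e.g. "1,2-4,10-10".
port_in_list() {
    want=$1
    old_ifs=$IFS
    IFS=,
    for item in $2; do
        IFS=$old_ifs
        case $item in
            ''|-*|*-|*-*-*|*[!0-9-]*) continue ;;   # skip malformed entries
        esac
        first=${item%%-*}
        last=${item##*-}
        if [ "$want" -ge "$first" ] && [ "$want" -le "$last" ]; then
            return 0
        fi
    done
    IFS=$old_ifs
    return 1
}

# exposed_ports "LOW HIGH" RESERVED PORT...: print the PORTs that automatic
# assignment may still hand out (inside the local range and not reserved).
exposed_ports() {
    reserved=$2
    read -r range_lo range_hi <<EOF
$1
EOF
    shift 2
    out=
    for p in "$@"; do
        [ "$p" -ge "$range_lo" ] && [ "$p" -le "$range_hi" ] || continue
        port_in_list "$p" "$reserved" && continue
        out="${out:+$out }$p"
    done
    echo "$out"
}

services="8080 9148 8443"   # 8443 is a constructed, unreserved service port
reserved="8080,9148"         # reserved list from the message's example
echo "range 32000-61000 exposed: $(exposed_ports '32000 61000' "$reserved" $services)"
echo "range 1024-61000  exposed: $(exposed_ports '1024 61000' "$reserved" $services)"
```

With the range from the message, none of the three ports is exposed; once the range is widened to include them, only the unreserved 8443 is reported, which is the case the proposed documentation calls out.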