Message-Id: <201002201557.04427.opurdila@ixiacom.com>
Date:	Sat, 20 Feb 2010 15:57:04 +0200
From:	Octavian Purdila <opurdila@...acom.com>
To:	Cong Wang <amwang@...hat.com>
Cc:	David Miller <davem@...emloft.net>,
	Linux Kernel Network Developers <netdev@...r.kernel.org>,
	Linux Kernel Developers <linux-kernel@...r.kernel.org>,
	Neil Horman <nhorman@...driver.com>,
	Eric Dumazet <eric.dumazet@...il.com>,
	"Eric W. Biederman" <ebiederm@...ssion.com>
Subject: Re: [net-next PATCH v5 0/3] net: reserve ports for applications using fixed port numbers

On Saturday 20 February 2010 10:11:40 you wrote:
> Octavian Purdila wrote:
> > This patch introduces /proc/sys/net/ipv4/ip_local_reserved_ports which
> > allows users to reserve ports for third-party applications.
> >
> > The reserved ports will not be used by automatic port assignments
> > (e.g. when calling connect() or bind() with port number 0). Explicit
> > port allocation behavior is unchanged.
> >
> > Changes from the previous version:
> > - switch the /proc entry format to comma separated list of range ports
> > - treat -EFAULT just like any other error and acknowledge written values
> > - use isdigit() in proc_get_ulong
> >
> > Octavian Purdila (3):
> >   sysctl: refactor integer handling proc code
> >   sysctl: add proc_do_large_bitmap
> >   net: reserve ports for applications using fixed port numbers
> 
> Hi,
> 
> This version looks fine to me, but I need to give them a test, and
> I will put feedback asap. Thanks for your work!
> 
> Still two things:
> 
> 1) bitops are always atomic on every arch, right? If yes, then ok.

AFAIK, yes.

> 2) I hope you could add some documentation to show the relations
>     between ip_local_port_range and ip_local_reserved_ports.
> 

How does this sound:

ip_local_reserved_ports - list of comma separated ranges
        Specify the ports which are reserved for known third-party
        applications. These ports will not be used by automatic port
        assignments (e.g. when calling connect() or bind() with port
        number 0). Explicit port allocation behavior is unchanged.

        The format used for both input and output is a comma separated
        list of ranges (e.g. "1,2-4,10-10" for ports 1, 2, 3, 4 and
        10). Writing to the file will clear all previously reserved
        ports and update the current list with the one given in the
        input.

        Note that ip_local_port_range and ip_local_port_range settings
        are independent and both are considered by the kernel when
        determining which ports are available for automatic port
        assignments.

        You can reserve ports which are not in the current
        ip_local_port_range, e.g.:

        $ cat /proc/sys/net/ipv4/ip_local_port_range
        32000   61000
        $ cat /proc/sys/net/ipv4/ip_local_reserved_ports
        8080,9148

        although this is redundant. However such a setting is useful
        if later the port range is changed to a value that will
        include the reserved ports.
