hardenedbsd/HardenedBSD
1
0
Fork 0
mirror of https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git synced 2024-11-15 06:42:51 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
HardenedBSD src tree
12,495 Commits 91 Branches 0 Tags 2.1 GiB
C 59.5%
C++ 26.7%
Roff 4.9%
Shell 2.9%
Assembly 1.7%
Other 3.8%
33b3ac0633
Go to file
Peter Wemm 33b3ac0633 Make the default behavior of local port assignment match traditional 
systems (my last change did not mix well with some firewall
configurations).  As much as I dislike firewalls, this is one thing I
I was not prepared to break by default.. :-)

Allow the user to nominate one of three ranges of port numbers as
candidates for selecting a local address to replace a zero port number.
The ranges are selected via a setsockopt(s, IPPROTO_IP, IP_PORTRANGE, &arg)
call.  The three ranges are: default, high (to bypass firewalls) and
low (to get a port below 1024).

The default and high port ranges are sysctl settable under sysctl
net.inet.ip.portrange.*

This code also fixes a potential deadlock if the system accidently ran out
of local port addresses. It'd drop into an infinite while loop.

The secure port selection (for root) should reduce overheads and increase
reliability of rlogin/rlogind/rsh/rshd if they are modified to take
advantage of it.

Partly suggested by: pst
Reviewed by: wollman
1996-02-22 21:32:23 +00:00
bin option -f and -i are exclusive (Posix) 1996-02-20 23:27:57 +00:00
eBones Fix weak random number hole 1996-02-21 21:40:14 +00:00
etc Add examples/slattach 1996-02-17 19:46:43 +00:00
games Correct man page section number references (e.g. don't use the 1996-02-11 23:29:40 +00:00
gnu Add a small `gethostname' package. It uses __sysctl(2), and thus 1996-02-13 13:17:49 +00:00
include Don't install netns, it doesn't exist any more. 1996-02-14 15:17:53 +00:00
lib Changed the dimensions of __CTOR_LIST__ and __DTOR_LIST__ from 0 1996-02-20 04:07:26 +00:00
libexec Update the uucpd makefile to install the man page. 1996-02-18 21:38:13 +00:00
lkm Correct some man page cross references and some file 1996-02-05 17:32:16 +00:00
release Ooops, i've botched a backslash in my previous commit. 1996-02-13 13:28:41 +00:00
sbin Print out an informative message if the verbose option is given 1996-02-21 18:40:54 +00:00
secure Add back missing crypt.3 man page. 1996-02-21 08:15:08 +00:00
share Add Bernd Rosauer to contributors. 1996-02-22 11:08:57 +00:00
sys Make the default behavior of local port assignment match traditional 1996-02-22 21:32:23 +00:00
tools Don't look in libkern, it went away. 1995-12-29 01:51:23 +00:00
usr.bin . cast the error and status registers properly to (unsigned short), 1996-02-22 00:33:35 +00:00
usr.sbin Remove useless (for us) Makefiles. There were already other "Makefile.dist" 1996-02-22 19:58:32 +00:00
COPYRIGHT
Makefile do the 'include-tools' as part of the world target (like lib-tools and 1996-02-17 14:23:25 +00:00