From owner-freebsd-ipfw Fri Feb 2 14:38:11 2001 Delivered-To: freebsd-ipfw@freebsd.org Received: from newnet.co.uk (newnet.co.uk [212.87.80.11]) by hub.freebsd.org (Postfix) with ESMTP id E706E37B4EC for ; Fri, 2 Feb 2001 14:37:53 -0800 (PST) Received: from newnet.co.uk (muktananda.sys.newnet.co.uk [212.87.87.37]) by newnet.co.uk (8.9.3/8.9.3) with ESMTP id WAA15271; Fri, 2 Feb 2001 22:37:32 GMT Message-ID: <3A7B369F.2E9922F8@newnet.co.uk> Date: Fri, 02 Feb 2001 22:37:19 +0000 From: Peter Coates Organization: NewNet Fast Access Internet - Support Team X-Mailer: Mozilla 4.7 [en] (Win98; I) X-Accept-Language: en MIME-Version: 1.0 To: cjclark@alum.mit.edu Cc: Christoph Sold , ipfw@FreeBSD.ORG Subject: Re: Unprivileged Access to Ports <1024 (was Re: freebsd-ipfw@FreeBSD.org) References: <3A79D919.53061763@i-clue.de> <20010202142940.V91447@rfx-216-196-73-168.users.reflex> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG "Crist J. Clark" wrote: > > On Thu, Feb 01, 2001 at 10:46:01PM +0100, Christoph Sold wrote: > > Hi folks, > > > > for the first time, I need to do some redirect: > > > > On a box with a single interface I want to run an untrusted application > > on port 23. I know, I can run it suid root, but i did not want to for > > obvious reasons. > > > > Q: How to redirect from interface ed0, port 80, to the very same > > machine, untrusted port, e.g. 1234? > > I coulda sworn there was a sysctl knob to turn off the rather outdated > behavor that restricts opening ports <1024 to root. However, I cannot > seem to find such a thing. Am I imagining things? > -- > Crist J. Clark cjclark@alum.mit.edu There is: net.inet.ip.portrange.lowfirst: 1023 net.inet.ip.portrange.first: 1024 They sounds along the right lines. I'm not sure what they do mind ;-) Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message