Date: Thu, 16 Nov 2017 21:03:57 -0600
From: Tim Daneliuk <tundra@tundraware.com>
To: Chris Gordon <freebsd@theory14.net>
Cc: javocado <javocado@gmail.com>, freebsd-questions@freebsd.org
Subject: Re: IPFW: Why can I add port numbers to established and what does that do ?
Message-ID: <a566dad0-92a7-ab48-34b8-f31e8272a8d0@tundraware.com>
In-Reply-To: <4C321B9B-EFA1-411C-8DDB-2399FBCFF4AC@theory14.net>
References: <CAP1HOmQEKgocsejRHOMEfb-Ghzev%2BDuQiZ5OwYcQLktfu0xvDQ@mail.gmail.com> <d80d16dc-c01e-8224-e9a5-df2420390668@tundraware.com> <4C321B9B-EFA1-411C-8DDB-2399FBCFF4AC@theory14.net>

On 11/16/2017 08:53 PM, Chris Gordon wrote:
> No, that is not how this works. There is no renegotiation of ports

You missed my point entirely. Socket connections to services like sshd, sendmail, and so forth only rendezvous on the well known port. The server then fork-execs itself with the child going back to listen on the well known port and the parent and client connecting at some ephemeral point. This happens ONCE at initial connection time.

If it did not work this way, servers would be prevented from listening for more requests while they handled a single request ... they would effectively be serialized on a request-by-request basis.

--
----------------------------------------------------------------------------
Tim Daneliuk     tundra@tundraware.com
PGP Key:         http://www.tundraware.com/PGP/