Date:      Mon, 20 Sep 2004 13:13:31 +0300 (EEST)
From:      Dmitry Pryanishnikov <dmitry@atlantis.dp.ua>
To:        Mike Silbersack <silby@silby.com>
Cc:        "Danil V.Gerun" <news@625.ru>
Subject:   Re: Random source ports in FreeBSD?
Message-ID:  <20040920130911.W24347@atlantis.atlantis.dp.ua>
In-Reply-To: <20040918150205.A8909@odysseus.silby.com>
References:  <621146771453.20040918232248@625.ru> <20040918150205.A8909@odysseus.silby.com>


Hello!

On Sat, 18 Sep 2004, Mike Silbersack wrote:
>> So, as far as I got to know, randomizing source ports in FreeBSD is
>> impossible now? (to be exact - is not implemented?)
>> 
>> It's very interesting to me - WHY is it so?
>> I mean - maybe there are good reasons for not making all this?..
>
> Source port randomization was implemented before 4.10 was released.  See 
> in_pcb.c revisions 1.143 - 1.146, 1.59.2.27, or 1.59.2.27.2.1, depending on 
> the branch you're interested in:
>
> http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/in_pcb.c

  Yes, source port randomization works in 4.10-RELEASE, but the port number 
sequence tends to give the same port number every 100-200 ports. Local
FTP install of 4.10-RELEASE always fails for me; as a workaround I'm forced
to issue sysctl net.inet.ip.portrange.randomized=0 before reselecting the FTP
server in sysinstall. Are there plans to fix the quality of random port number 
generation under 4-STABLE?

Sincerely, Dmitry
-- 
Atlantis ISP, System Administrator
e-mail:  dmitry@atlantis.dp.ua
nic-hdl: LYNX-RIPE
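
One way to measure the repeat behaviour reported above, as an added example that is not part of the original message or of FreeBSD's code: it computes the gap between reuses of a port in an observed allocation sequence and compares it with what independent uniform picks would give. The 1024-5000 range, the uniform-pick model and the sample sequence are assumptions made for this example.

```python
import math
import random

# Assumed ephemeral port range for the simulation (not stated in the message).
PORT_FIRST, PORT_LAST = 1024, 5000

def repeat_gaps(ports):
    """Number of allocations between successive uses of the same port."""
    last_seen, gaps = {}, []
    for i, port in enumerate(ports):
        if port in last_seen:
            gaps.append(i - last_seen[port])
        last_seen[port] = i
    return gaps

def draws_until_repeat(rng, first, last):
    """Draw uniformly from [first, last] until some port comes up twice."""
    seen, draws = set(), 0
    while True:
        port = rng.randint(first, last)
        draws += 1
        if port in seen:
            return draws
        seen.add(port)

def mean_draws_until_repeat(first, last, trials=2000, seed=1):
    """Average draws to the first repeat under the uniform-pick model."""
    rng = random.Random(seed)
    total = sum(draws_until_repeat(rng, first, last) for _ in range(trials))
    return total / trials

def birthday_estimate(first, last):
    """Birthday-bound approximation of the same quantity: sqrt(pi * N / 2)."""
    return math.sqrt(math.pi * (last - first + 1) / 2)

if __name__ == "__main__":
    observed = [1030, 2044, 1030, 3001, 2044, 1030]  # constructed sample
    print("gaps in sample:", repeat_gaps(observed))
    print("simulated mean:", mean_draws_until_repeat(PORT_FIRST, PORT_LAST))
    print("birthday estimate:", round(birthday_estimate(PORT_FIRST, PORT_LAST), 1))
```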


