From owner-freebsd-hackers  Mon Feb 22  2:11: 9 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from bamboo.verinet.com (bamboo.verinet.com [204.144.246.5])
	by hub.freebsd.org (Postfix) with ESMTP id 348E410EA0
	for <hackers@freebsd.org>; Mon, 22 Feb 1999 02:11:01 -0800 (PST)
	(envelope-from allenc@verinet.com)
Received: from struct. (allenc.verinet.com [199.45.180.181]) by bamboo.verinet.com (8.8.8/8.7.1) with ESMTP id DAA26184 for <hackers@freebsd.org>; Mon, 22 Feb 1999 03:11:00 -0700
Received: from verinet.com (struct. [192.168.1.3])
	by struct. (8.8.8/8.8.8) with ESMTP id DAA01620
	for <hackers@freebsd.org>; Mon, 22 Feb 1999 03:10:57 -0700 (MST)
	(envelope-from allenc@verinet.com)
Message-ID: <36D12D31.1C649D7F@verinet.com>
Date: Mon, 22 Feb 1999 03:10:57 -0700
From: Allen Campbell <allenc@verinet.com>
X-Mailer: Mozilla 4.5 [en] (X11; I; FreeBSD 2.2.7-STABLE i386)
X-Accept-Language: en
MIME-Version: 1.0
To: hackers@freebsd.org
Subject: Privileged port problems
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

My ISP appears to be filtering outgoing packets for privileged source port
numbers.  This is preventing me from accessing anoncvs.freebsd.org; the CVS
client attempts to authenticate to anoncvs.freebsd.org using a privileged source
port (via rsh) and the operation times out.  I also observe that rpcinfo as a
non-privileged user works correctly, but fails as root because it then attempts
to use a privileged source port.

I'm fairly certain I will have no luck convincing my ISP to allow these
connections.  No doubt they will claim it prevents their customers from using
their system to attack other hosts.

I am able to access the Mozilla anonymous CVS server successfully because they
are using :pserver: authentication which uses no reserved port to authenticate. 
Would it be possible to provide :pserver: anonymous CVS authentication to
anoncvs.freebsd.org?

Disclaimer: If I have made some hopeless mistake in my analysis of this please
forgive me.  I don't claim some network guru status; I'm just trying to figure
this out.

Thanks

-- 
  Allen Campbell       |  Lurking at the bottom of the
  allenc@verinet.com   |   gravity well, getting old.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message