Date:      Wed, 06 Oct 2004 19:46:50 -0700
From:      Sean McNeil <sean@mcneil.com>
To:        Dan Nelson <dnelson@allantgroup.com>
Cc:        freebsd-current@freebsd.org
Subject:   Re: amd sitting on ldaps port
Message-ID:  <1097117210.1089.1.camel@server>
In-Reply-To: <20041007013001.GH3848@dan.emsphone.com>
References:  <1097095438.1208.7.camel@server> <1097102594.1805.4.camel@server> <20041007013001.GH3848@dan.emsphone.com>



On Wed, 2004-10-06 at 18:30, Dan Nelson wrote:
> In the last episode (Oct 06), Sean McNeil said:
> > On Wed, 2004-10-06 at 13:59, Dan Nelson wrote:
> > > In the last episode (Oct 06), Sean McNeil said:
> > > > Looking at /etc/services it states that 636 is for ldaps, but I see that
> > > > amd is using it:
> > > >
> > > > server# sockstat | grep 636
> > > > root     amd        468   5  tcp4   *:636                 *:*
> > >
> > > That's just a random port rpcbind assigned to the "amd" rpc service.
> > > If you reboot I bet it'll bind to a different port.  Run "rpcinfo -p
> > > localhost" to see all the local port numbers assigned to RPC clients.
> >
> > OK, but aren't there rules about rpc allowing assigned ports like that?
>
> Not as far as I know.  I suppose bindresvport() could be changed to
> walk /etc/services and only use one of the 450 reserved ports not
> listed.  Another alternative is to set the
> net.inet.ip.portrange.lowlast sysctl a little higher; 700 maybe.
> 600-1024 is the portrange that has been historically assigned as "local
> port numbers that root processes can use".

Great.  I've added

net.inet.ip.portrange.lowlast=700

to my /etc/sysctl.conf and it worked as advertised.  Thanks.

Sean


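Added example, not part of the original thread: a shell check that cross-references `rpcinfo -p` output with /etc/services to spot RPC services that were handed a port registered to something else, as amd was with 636 here. The function name `find_rpc_collisions` is hypothetical and both sample inputs are constructed.

```shell
#!/bin/sh
# Added example; find_rpc_collisions is a hypothetical helper name.

# Constructed `rpcinfo -p localhost` output; amd on 636/tcp mirrors the thread.
SAMPLE_RPCINFO='   program vers proto   port  service
    100000    4   tcp    111  rpcbind
    100000    4   udp    111  rpcbind
    300019    1   tcp    636  amd
    300019    1   udp    637  amd'

# Constructed excerpt in /etc/services format.
SAMPLE_SERVICES='sunrpc   111/tcp  rpcbind   # SUN Remote Procedure Call
sunrpc   111/udp  rpcbind
ldaps    636/tcp  sldap     # ldap protocol over TLS/SSL
ldaps    636/udp  sldap'

# find_rpc_collisions RPCINFO_TEXT SERVICES_TEXT
# Prints "port/proto rpc-service registered-name" for each RPC registration
# on a port that the services text assigns to a differently named service.
# A registration whose name matches the official name or an alias is ignored,
# so rpcbind on 111 (alias of sunrpc) is not reported.
find_rpc_collisions() {
    { printf '%s\n' "$2"; echo '%%'; printf '%s\n' "$1"; } | awk '
        $0 == "%%" { in_rpc = 1; next }    # separator between the two inputs
        !in_rpc {
            sub(/#.*/, "")                 # drop trailing comments
            if (NF < 2) next
            # remember the official name and every alias for this port/proto
            for (i = 1; i <= NF; i++)
                if (i != 2) known[$2] = known[$2] " " $i
            if (!($2 in first)) first[$2] = $1
            next
        }
        $1 ~ /^[0-9]+$/ && NF >= 4 {       # numeric program: skips the header
            key = $4 "/" $3
            svc = (NF >= 5) ? $5 : "rpc#" $1   # unnamed programs keep their number
            if (key in known && index(known[key] " ", " " svc " ") == 0 &&
                !seen[key " " svc]++)
                print key, svc, first[key]
        }'
}

# Live use: find_rpc_collisions "$(rpcinfo -p localhost)" "$(cat /etc/services)"
find_rpc_collisions "$SAMPLE_RPCINFO" "$SAMPLE_SERVICES"
```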


