[OpenIndiana-discuss] Holding port numbers for servers
Udo Grabowski (IMK)
udo.grabowski at kit.edu
Mon Nov 5 17:08:41 UTC 2012
On 05/11/2012 17:47, Jim Klimov wrote:
> ...
> I take it, the tunable should be set early in OS startup, i.e.
> with some SMF service depending directly on "network" or in an
> rc*.d initscript?
>
> The ports thus reserved are subject to usual privileged-port
> routines and checks (be root or have the permissions via the
> RBAC net_privaddr, SMF and/or zone limit_priv props), right?
>...
>
> On 2012-11-05 17:11, Michael Stapleton wrote:
>> Hi Jim,
>>
>> TCP/UDP tunable:
>>
>> #ndd /dev/tcp tcp_extra_priv_ports
>> ....
>> On Mon, 2012-11-05 at 16:59 +0100, Jim Klimov wrote:
>>> I've (rarely) had problems starting some appservers because a
>>> network client running on the same OS was randomly issued the
>>> needed port number for its communications.
>>>
>>> I haven't seen this behavior for a while, so wanted to ask: are
>>> there now any provisions NOT to issue certain ports (i.e. list
>>> from /etc/services) when an applications opens a client socket?
>>> That is, the listed ports should only be issued if the app binds
>>> itself to this port number explicitly.
>>>> ....
Uh-oh, please not ! I don't see any necessity for such a service,
unless anything is really broken. There are no indications for this,
and all automatically assigned ports are placed well above the ones
used regularly by default. I really don't know what you want to fix.
--
Dr.Udo Grabowski Inst.f.Meteorology a.Climate Research IMK-ASF-SAT
www-imk.fzk.de/asf/sat/grabowski/ www.imk-asf.kit.edu/english/sat.php
KIT - Karlsruhe Institute of Technology http://www.kit.edu
Postfach 3640,76021 Karlsruhe,Germany T:(+49)721 608-26026 F:-926026
More information about the OpenIndiana-discuss
mailing list