Hi List(s)
For a firewall setup I need to know in which range applications like
rsh, or better yet the rresvport() libc function allocate reserved ports.
Do I have to expect ports in the whole 1..1024 range (maybe omitting those
already in use by other servers) or is only a limited range used (like
512-1023).
Thanks in advance,
Michael.
P.S.
Yes, I know I shouldn't allow such things through a firewall, but I have
to (at least for now) and it's also not into the internet but only between
internal departments.
--
Michael Weller: [email protected], [email protected],
or even [email protected]. If you encounter an eowmob account on
any machine in the net, it's very likely it's me.
Dr. Michael Weller wrote:
> For a firewall setup I need to know in which range applications like
> rsh, or better yet the rresvport() libc function allocate reserved ports.
>
> Do I have to expect ports in the whole 1..1024 range (maybe omitting those
> already in use by other servers) or is only a limited range used (like
> 512-1023).
This isn't a kernel question as the allocation is handled entirely by
userspace. Userspace tries each port in turn until it finds one that
isn't used at the moment.
The non-privileged local port range can be read from and written to
/proc/sys/net/ipv4/ip_local_port_range, but that's not your question.
The man page for rresvport() says:
The rresvport() function is used to obtain a socket with a
privileged address bound to it. This socket is suitable for use by
rcmd() and several other functions. Privileged Internet ports are
those in the range 0 to 1023. Only the super-user is allowed to
bind an address of this sort to a socket.
For a firewall, you should probably distinguish these ports from fixed
services ports (like ssh and smtp) by having different rules for
Outgoing and Incoming connections. This is done by matching on the TCP
SYN and ACK flags (see any firewall tutorial).
enjoy,
-- Jamie