amd sitting on ldaps port
Sean McNeil
sean at mcneil.com
Wed Oct 6 19:46:55 PDT 2004
On Wed, 2004-10-06 at 18:30, Dan Nelson wrote:
> In the last episode (Oct 06), Sean McNeil said:
> > On Wed, 2004-10-06 at 13:59, Dan Nelson wrote:
> > > In the last episode (Oct 06), Sean McNeil said:
> > > > Looking at /etc/services it states that 636 is for ldaps, but I see that
> > > > amd is using it:
> > > >
> > > > server# sockstat | grep 636
> > > > root amd 468 5 tcp4 *:636 *:*
> > >
> > > That's just a random port rpcbind assigned to the "amd" rpc service.
> > > If you reboot I bet it'll bind to a different port. Run "rpcinfo -p
> > > localhost" to see all the local port numbers assigned to RPC clients.
> >
> > OK, but aren't there rules about rpc allowing assigned ports like that?
>
> Not as far as I know. I suppose bindresvport() could be changed to
> walk /etc/services and only use one of the 450 reserved ports not
> listed. Another alternative is to set the
> net.inet.ip.portrange.lowlast sysctl a little higher; 700 maybe.
> 600-1024 is the portrange that has been historically assigned as "local
> port numbers that root processes can use".
Great. I've added
net.inet.ip.portrange.lowlast=700
to my /etc/sysctl.conf and it worked as advertised. Thanks.
Sean
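
An added example, not part of the original thread: a Python check that cross-references sockstat listeners with "rpcinfo -p" registrations and /etc/services, to spot an RPC service that landed on a named port such as 636, and to list which named ports stay inside the reserved range after raising net.inet.ip.portrange.lowlast. The sample inputs are constructed, the function names are hypothetical, and the upper bound of 1023 is an assumption.

```python
# Constructed sample inputs (not the poster's real output).
SERVICES = """\
ldaps   636/tcp   # ldap protocol over TLS/SSL
rsync   873/tcp
imaps   993/tcp
"""
SOCKSTAT = """\
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
root amd 468 5 tcp4 *:636 *:*
root amd 468 6 udp4 *:1022 *:*
"""
RPCINFO = """\
   program vers proto   port  service
    100000    2   tcp    111  rpcbind
    300019    1   tcp    636  amd
    300019    1   udp   1022  amd
"""

def parse_services(text):
    """Map (port, proto) -> name from /etc/services-style lines."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and "/" in fields[1]:
            port, proto = fields[1].split("/", 1)
            table[(int(port), proto)] = fields[0]
    return table

def parse_rpcinfo(text):
    """Map (port, proto) -> RPC service name from `rpcinfo -p` output."""
    rows = (l.split() for l in text.splitlines()[1:])
    return {(int(r[3]), r[2]): r[4] for r in rows if len(r) >= 5 and r[3].isdigit()}

def rpc_collisions(sockstat, rpcinfo, services):
    """Listeners on an RPC-registered port that /etc/services names differently."""
    svc, rpc, hits = parse_services(services), parse_rpcinfo(rpcinfo), []
    for line in sockstat.splitlines()[1:]:
        f = line.split()
        port = f[5].rsplit(":", 1)[-1] if len(f) >= 6 else ""
        if not port.isdigit():
            continue
        key = (int(port), f[4][:3])  # "tcp4" -> "tcp"
        if key in rpc and svc.get(key, rpc[key]) != rpc[key]:
            hits.append((f[1], key[1], key[0], svc[key]))
    return hits

def named_ports_in_range(services, lowlast, lowfirst=1023):
    """Named ports still inside lowlast..lowfirst (1023 is an assumed bound)."""
    return sorted({p for p, _ in parse_services(services) if lowlast <= p <= lowfirst})
```

With the constructed input, a lowlast of 700 takes 636 out of the range but leaves 873 and 993 inside it.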