IPFW: Why can I add port numbers to established and what does that do?

Tim Daneliuk tundra at tundraware.com
Fri Nov 17 03:04:06 UTC 2017

On 11/16/2017 08:53 PM, Chris Gordon wrote:
> No, that is not how this works.  There is no renegotiation of ports

You missed my point entirely.  Socket connections to services like
sshd, sendmail, and so forth only rendezvous on the well known port.
The server then fork-execs itself with the child going back to listen
on the well known port and the parent and client connecting at some
ephemeral point.  This happens ONCE at initial connection time.

If it did not work this way, servers would be prevented from listening
for more requests while they handled a single request ... they would
effectively be serialized on a request-by-request basis.

Tim Daneliuk     tundra at tundraware.com
PGP Key:         http://www.tundraware.com/PGP/
