Date: Mon, 16 Oct 2000 18:28:08 -0700 (PDT) From: Guolin Cheng <chenggl@yahoo.com> To: Matt Heckaman <matt@ARPA.MAIL.NET>, freebsd-security@freebsd.org Subject: Re: Reserved ports too limited for amd (automount) on FreeBSD 4.1 Message-ID: <20001017012808.5214.qmail@web106.yahoomail.com>
next in thread | raw e-mail | index | archive | help
Matt Heckaman, Thanks. I changed using sysctl command after FreeBSD 4.1 reboot, the problem is: even the parameter is changed ( sysctl -w net.inet.ip.portrange.lowfirst=2023 ), the amd still using ports <1024, since the reserved ports already was in use from 1023! and now they will be used one by one sequentially!!! :(( Yours sincerely, Guolin Cheng --- Matt Heckaman <matt@ARPA.MAIL.NET> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Did you actually do the sysctl -w <target> though? Just putting them in > sysctl.conf wont take effect until reboot, though I would suspect that one > could just 'sh /etc/rc.sysctl' without a problem.. > > I'm afraid I'm not really familiar with amd, nor messing with this stuff, > so I'm just throwing out a pseudo-educated guess here. :) > > Hope that helps some. > > On Mon, 16 Oct 2000, Guolin Cheng wrote: > > : Matt Heckaman, > : > : Thanks. But in fact, I already added the following lines into the file > : /etc/sysctl.conf: > : > : net.inet.ip.portrange.lowfirst=2023 > : net.inet.ip.portrange.first=2024 > : > : But net.inet.ip.portrange.lowfirst is still 1023!! although > : net.inet.ip.portrange.first was changed into 2024 (this is of no > : use..:(( ), so when I use amd, the sockets still use reserved > : ports.(you can use netstat -a command to show the TCP/UDP ports in > : use) and make my machine crazy and die. > : > : I want to know if we can find a configuration option to instruct amd > : NOT to use reserved ports by deafault.. Thanks. > : > : > : Yours sincerely, > : > : Guolin Cheng > > * Matt Heckaman - mailto:matt@lucida.qc.ca http://www.lucida.qc.ca/ * > * GPG fingerprint - A9BC F3A8 278E 22F2 9BDA BFCF 74C3 2D31 C035 5390 * > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.3 (FreeBSD) > Comment: http://www.lucida.qc.ca/pgp > > iD8DBQE563n5dMMtMcA1U5ARAgaeAKCNU7vngVhfJT4dE7w35hAuY5C5iwCfQ9J0 > e5q1UO6VNSENiwL11uvdT7Q= > =9BnD > -----END PGP SIGNATURE----- > > ===== With Best Regards. Guolin Cheng Alexa Internet Company Presidio of San Francisco, San Francisco, CA 94129 (415)561-6900 ext. 6021 __________________________________________________ Do You Yahoo!? Yahoo! Messenger - Talk while you surf! It's FREE. http://im.yahoo.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001017012808.5214.qmail>