Date: Wed, 23 May 2007 10:04:16 +0300 From: Danny Braniss <danny@cs.huji.ac.il> To: "Jack Vogel" <jfvogel@gmail.com> Cc: Dag-Erling =?iso-8859-1?Q?Sm=F8rgrav?= <des@des.no>, Ian FREISLICH <ianf@clue.co.za>, freebsd-current@freebsd.org Subject: Re: em0 hijacking traffic to port 623 Message-ID: <E1HqktN-000Jpv-2p@cs1.cs.huji.ac.il> In-Reply-To: Your message of Tue, 22 May 2007 09:38:29 -0700 .
next in thread | raw e-mail | index | archive | help
> On 5/22/07, Dag-Erling Sm=F8rgrav <des=40des.no> wrote: > > Ian FREISLICH <ianf=40clue.co.za> writes: > > > No, it's a March 6 current. How safe is it to just update the > > > sys/dev/em directory and recompile? Quite a lot has changed in > > > CURRENT since then and I don't want to update everything on these > > > servers just yet. > > > > Quick workaround: configure inetd to listen to port 623 so rpcbind > > won't assign these ports to the NFS server. Something like this: > > > > asf-rmcp dgram udp nowait root /bin/false false= > > asf-rmcp stream tcp nowait root /bin/false false= > > You dont have to do anything this crude btw, there is an setting > in rc.conf I believe to control the range, I'm rusty on the details > right now, I discovered this while working this same issue with > Yahoo, but its been 6 months or more since. >=20 in loader.conf: net.inet.ip.portrange.lowlast=3D=22665=22 danny > Jack
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E1HqktN-000Jpv-2p>