Re: Controlling ports used by natd

• Previous message: Brett Glass: "Re: Controlling ports used by natd"
• In reply to: Brett Glass: "Re: Controlling ports used by natd"
• Next in thread: Brett Glass: "Re: Controlling ports used by natd"
• Reply: Brett Glass: "Re: Controlling ports used by natd"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Fri, 12 Dec 2003 03:35:22 -0500
To: Brett Glass <brett@lariat.org>

On Fri, Dec 12, 2003 at 01:19:34AM -0700, Brett Glass wrote:
> At 12:45 AM 12/12/2003, Barney Wolff wrote:
>
> >UTSL libpcap/alias_db.c
>
> I can find no such file in /usr/src/contrib/libpcap. I did find
> one in /usr/src/lib/libalias. It seems to have in it a function
> called FindNewPortGroup that hunts for ports at random, but
> there's no discipline there to make it avoid specific ports
> or groups of ports. Are you suggesting that I modify this
> function to add port exclusion as a new feature? I suppose that
> I could do this, but it would involve changing data structures
> that were used by many programs, including natd and ppp. So,
> there could be a huge ripple effect.

Oops, sorry for the confusion. How fancy a change is up to you,
but changing ALIAS_PORT_BASE and ALIAS_PORT_MASK (and _EVEN)
would let you confine the port range without much work. Un-nat'd
folks are most likely using ports in the hi range, and usually
without trouble - presumably normal programs don't make special
checks for trojan ports.

-- 
Barney Wolff         http://www.databus.com/bwresume.pdf
I'm available by contract or FT, in the NYC metro area or via the 'Net.
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

• Previous message: Brett Glass: "Re: Controlling ports used by natd"
• In reply to: Brett Glass: "Re: Controlling ports used by natd"
• Next in thread: Brett Glass: "Re: Controlling ports used by natd"
• Reply: Brett Glass: "Re: Controlling ports used by natd"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: Tc Filter - Port Ranges Calculate Mask Value ... This rule correctly matches port range from 6880 to 6895. ... how the mask value 0x1ff0 has been calculated. ... need to calculte mask value so as to find out which ports lie within ... Note that the hex value of each of the ending values ends with F. ... (comp.os.linux.networking) Re: Alternative hardware solution to Brooktrout Fax boards? ... Is it possible to open a port range? ... I've the need to open several ports, ... >> installed FaxMaker for an SBS customer of mine and was quite impressed ... Tech support was very good for the one issue that ... (microsoft.public.windows.server.sbs) Re: Iona61 Dynamic ports, how to fixate ... Have you looked into the port range feature available in Iona 6.x? ... that corresponds with the ORBname that your ORB process uses. ... itadmin scope create foo.bar ... The ports are limited to a our vendor use of 18000,18010,18020,18030,18050 ... (comp.lang.java.corba) Re: ICF - Enable port range ... Why do you need a large port range? ... Microsoft Windows Networking ... >> method to reference a large range of ports? ... (microsoft.public.windowsxp.security_admin) Re: Alternative hardware solution to Brooktrout Fax boards? ... > Is it possible to open a port range? ... I've the need to open several ports, ... > inluding a list of 40 ports in a range, is there an easy way to do this or ... >> specifically states that their cards are certified to use with the Shared ... (microsoft.public.windows.server.sbs)