RE: IPMI & portrange
- From: John Polstra <jdp@xxxxxxxxxxx>
- Date: Tue, 26 Sep 2006 13:53:44 -0700 (PDT)
On 26-Sep-2006 Danny Braniss wrote:
This keeps bitting me every other upgrade, IPMI on some
hosts, if enabled, will steal packets to port 623 or 664, so
the current solution is either set net.inet.ip.portrange.lowlast
to 664, (for some reason this does not seem to work if done via
loader.conf) or change it in sys/netinet/in.h.
So, is there some way to blacklist some ports, instead
of increasing portrange.lowlast?
You could use your favorite scripting language to create a socket,
bind it to the port, listen on it, and just sit there doing nothing
-- for each port you want to blacklist. That would keep the ports
from being used by anything else.
John
_______________________________________________
freebsd-net@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: IPMI & portrange
- From: Brooks Davis
- Re: IPMI & portrange
- References:
- IPMI & portrange
- From: Danny Braniss
- IPMI & portrange
- Prev by Date: Re: Much improved sendfile(2) kernel implementation
- Next by Date: Re: IPMI & portrange
- Previous by thread: IPMI & portrange
- Next by thread: Re: IPMI & portrange
- Index(es):
Relevant Pages
|
|
