Re: UDP catchall



On Sat, Oct 27, 2007 at 04:21:23AM +0100, Bruce M. Simpson wrote:
> Matus Harvan wrote:
>> Hi,
>>
>> I was wondering if I could get some feedback about the patch and
>> whether others think it could be committed.
>
> The UDP catchall patch as submitted here clashes with the blackhole
> functionality, and also bypasses the update of the protocol statistics and
> unreachable port rate limiting. It is not yet suitable for a production
> kernel.
>
> It probably shouldn't trigger the log_in_vain message, however that log
> message is misleading anyway (the reception of UDP datagrams destined for
> unbound ports is not a 'connection attempt').
>
> I would argue that the UDP and TCP catchall feature should perhaps have a
> configurable port range as well, under
> net.inet.ip.portrange.relayhigh/relaylow. This would allow the inpcb code to
> avoid allocating sockets from that range at all -- as well as allowing
> inbound packets for that range to be immediately relayed to mtund without
> the cost of a hash lookup.

While I think this idea has some merit, I think we specifically want
the current wildcard ability to allow for a system that requires
minimal configuration. The problem with a range is that it doesn't
allow disjoint sets and it requires that if you really do want all the
ports you need to produce a list of currently allocated ports to avoid
allocating. A more (over)engineered solution holds some attraction, but
I'm not yet convinced the fact that it could exist precludes the current
implementation.

-- Brooks
