Subject: Re: ftp-data no in /etc/services
To: None <current-users@sun-lamp.cs.berkeley.edu>
From: Danny Thomas <D.Thomas@vthrc.uq.edu.au>
List: current-users
Date: 03/15/1994 12:43:57
cgd replies to Peter Galbavy <peter@wonderland.org>
>> Just using tcpdump to track an ftp, and I notice that ftp-data
>> is not in /etc/services. Is this intentional ?
>
>the only system i can find it on is SunOS...
At some stage I was going to offer the /etc/services file I prepared from
rfc 1340 with some further comments and some more recent additions. It is a
useful document in its own right as it cross-references some rfcs, but is
rather large (1200 lines in 40K) to be textually searched by
getservby...(). As a hopefully small project I was thinking of undertaking
a rewrite of these routines to employ db lookups. At least the last time I
looked at current it still seemed to be searched line-by-line.
cheers,
Danny Thomas
And apart from the usefulness of a comprehensive /etc/services list for tcp
dumping (with the official names), it's also very useful for setting up
firewalls when you are likely to refer to many infrequently-used services,
eg so you can have rules like the following with the compiler component of
the TAMU Drawbridge filtering bridge:
define bad-rep
<!tftp/udp in-out>, # these are particularly bad
<!2000/tcp in-out>, # OpenWindows
<!6000-6099/tcp in-out>, # and first hundred X consoles
<!sunrpc/udp in-out>, <!2049/udp in-out>, # RPC and NFS-default
<!bootps/udp in-out>, <!bootpc/udp in-out>,
<!exec/tcp in-out>, <!biff/udp in-out>, # and now for a group of UN*X
<!login/tcp in-out>, <!who/udp in-out>, # services. If some of these
<!cmd/tcp in-out>, <!syslog/udp in-out>, # shouldn't be filtered, it
<!printer in-out>, <!talk in-out>, # is just my ignorance showing.
<!ntalk in-out>, <!utime in-out>,
<!uucp in-out>;
a sample (I'm not sure of the 'right' approach, but I commented out the
unused version of udp/tcp). Should be updated for rfc 1520 (not sure of
exact number)
# fairly comprehensive service list prepared from RFC1340 (July 1992)
# Ports for Historic, Elective & Required standard protocols, per RFC 1500,
# are marked accordingly. These port numbers were listed in RFC 1500
# and were gleaned from the referenced RFCs which was tedious and
# probably error-prone.
#
# NB it seems that the general policy is to allocate both UDP & TCP ports
# for a service even when only one of these is needed, eg port 25
#
# Using the rfc also means that standard names are used
#
# NB HISTORIC means deprecated (RFC 1500 says "have Not Recommended status")
# 0/tcp # Reserved
# 0/udp # Reserved
#
tcpmux 1/tcp # TCP Port Service Multiplexer
tcpmux 1/udp # TCP Port Service Multiplexer
....
# RFC 959: (RECOMMENDED, STANDARD 9)
ftp-data 20/tcp # File Transfer [Default Data]
#ftp-data 20/udp # File Transfer [Default Data]
ftp 21/tcp # File Transfer [Control]
#ftp 21/udp # File Transfer [Control]
#
# 22/tcp # Unassigned
# 22/udp # Unassigned
......
applix 999/udp # Applix ac
#
puprouter 999/tcp
puprouter 999/udp
#
cadlock 1000/tcp
#
ock 1000/udp
#
#
#
#
# Registered Ports in the range 1024-65535
# =========================================
#
blackjack 1025/tcp # network blackjack
blackjack 1025/udp # network blackjack
....
afs3-rmtsys 7009/tcp # remote cache manager service
afs3-rmtsys 7009/udp # remote cache manager service
man 9535/tcp
man 9535/udp
isode-dua 17007/tcp
isode-dua 17007/udp
------------------------------------------------------------------------------
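The two ideas in the message above (index the services file once instead of scanning it line by line, and resolve service names in filter terms) shown together as an added example; it is not part of the original post and is not Drawbridge or libc code. The `name/proto` term syntax, the sample entries and the `portmapper` alias are assumptions made for the illustration.

```python
# Added example: constructed sample in the services format quoted in the message.
SAMPLE = """\
# RFC 959: (RECOMMENDED, STANDARD 9)
ftp-data   20/tcp    # File Transfer [Default Data]
#ftp-data  20/udp    # File Transfer [Default Data]
ftp        21/tcp    # File Transfer [Control]
#          22/tcp    # Unassigned
tftp       69/udp
sunrpc     111/udp   portmapper   # alias column is an assumption (BSD-style)
"""

def build_index(text):
    """Parse the file once into {(name, proto): port}; aliases share the port."""
    index = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # commented-out entries vanish here
        if len(fields) < 2:
            continue
        name, portproto, *aliases = fields
        port, sep, proto = portproto.partition("/")
        if not sep or not port.isdigit() or not 0 < int(port) < 65536:
            raise ValueError(f"line {lineno}: bad port/proto {portproto!r}")
        for n in (name, *aliases):
            # First entry wins, matching what a top-to-bottom scan would return.
            index.setdefault((n, proto.lower()), int(port))
    return index

def resolve(term, index):
    """Resolve 'name/proto', 'port/proto' or 'lo-hi/proto' to (lo, hi, proto)."""
    spec, sep, proto = term.partition("/")
    if not sep or not proto:
        raise ValueError(f"{term!r}: protocol required")
    proto = proto.lower()
    lo, dash, hi = spec.partition("-")
    if lo.isdigit() and (hi.isdigit() if dash else True):
        lo, hi = int(lo), int(hi if dash else lo)
        if not 0 < lo <= hi < 65536:
            raise ValueError(f"{term!r}: port out of range")
        return lo, hi, proto
    if (spec, proto) not in index:
        # Fail closed: a rule naming an unlisted service must not compile silently.
        raise ValueError(f"{term!r}: not in services index")
    return index[(spec, proto)], index[(spec, proto)], proto

if __name__ == "__main__":
    idx = build_index(SAMPLE)
    for t in ("tftp/udp", "2000/tcp", "6000-6099/tcp", "ftp-data/tcp"):
        print(t, "->", resolve(t, idx))
```

A term such as `ftp-data/udp` is rejected here because that entry is commented out in the sample, which is the same situation the thread started from: a name missing from the services file.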