--/WwmFnJnmDyWGHa4
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Nov 09, 2006 at 02:45:25PM -0500, Greg A. Woods wrote:
> At Mon, 9 Oct 2006 08:55:18 -0400,
> Christos Zoulas wrote:
> >=20
> > On Oct 9,  7:57am, david@l8s.co.uk (David Laight) wrote:
> > -- Subject: Re: Merging entries from the IANA services list
> >=20
> > | Except that it is a royal PINA when it converts dynamically allocated
> > | port numbers to the names of procotols you've never heard of and are
> > | very unilikely to ever run.
> >=20
> > We can have a file that blacklists ports so that we ignore them when
> > we convert the IANA file to services.
>=20
> That wouldn't work well since the anonymous list is not static.
>=20
> 	net.inet.ip.anonportmin =3D 49152
> 	net.inet.ip.anonportmax =3D 65535
>=20
> The "Right Thing(tm)" might be to have getservbyport() simply not do any
> lookup for a port in the _current_ anonymous range.  (Or is there an
> even better way to find out which local ports were assigned as anonymous
> ports?)

The problem with that is you are assuming that getservbyport() is only=20
called for local services. I have used ethereal and wireshark on capture=20
files from other systems. In those cases, what is a locally-anonymous port=
=20
may not be an anonymous port in the capture.

Sadly, I think the only long-term solution is to cope with port numbers=20
being misinterpreted, since there are a number of different ways they can=
=20
be misinterpreted. :-)

Take care,

Bill

--/WwmFnJnmDyWGHa4
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (NetBSD)

iD8DBQFFVmGRWz+3JHUci9cRAuiCAJ43NpaQSk21ewdn4T6S8FhWA3HZFwCfc8bl
P7O874KHZrbjj5tTYYDYHos=
=vgc6
-----END PGP SIGNATURE-----

--/WwmFnJnmDyWGHa4--