Subject: Reserved port range patches
To: None <tech-net@netbsd.org>
From: Matthias Scheler <tron@zhadum.de>
List: tech-net
Date: 08/24/2000 17:32:34
Hello,
as a fix for PR kern/10880 I invented two new sysctl variables called
"net.inet.ip.resvportmin" and "net.inet.ip.resvportmax" which control
the range of reserved ports.
Any objections to committing this?
Kind regards
--
Matthias Scheler http://www.sighardstrasse.de/~tron/
Index: in.h
===================================================================
RCS file: /cvsroot/syssrc/sys/netinet/in.h,v
retrieving revision 1.49
diff -u -r1.49 in.h
--- in.h 2000/07/28 12:13:34 1.49
+++ in.h 2000/08/24 17:26:05
@@ -352,7 +352,9 @@
#define IPCTL_MAXFLOWS 13 /* maximum ip flows allowed */
#define IPCTL_HOSTZEROBROADCAST 14 /* is host zero a broadcast addr? */
#define IPCTL_GIF_TTL 15 /* default TTL for gif encap packet */
-#define IPCTL_MAXID 16
+#define IPCTL_RESVPORTMIN 16 /* minimum reserved port */
+#define IPCTL_RESVPORTMAX 17 /* maximum reserved port */
+#define IPCTL_MAXID 18
#define IPCTL_NAMES { \
{ 0, 0 }, \
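Review bot: The two new IDs here, and their `resvportmin`/`resvportmax` entries in the IPCTL_NAMES hunk that follows, are defined unconditionally, while the handler in ip_input.c is compiled only under `#ifndef IPNOPRIVPORTS`. On a kernel built with that option the names would still be listed, but requests would fall through to the `default:` case and return EOPNOTSUPP. The header is shared, so the table probably cannot be made conditional. The comments could state the limitation instead, e.g. `/* minimum reserved port (not available with IPNOPRIVPORTS) */`, with the same wording for the maximum.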
@@ -371,6 +373,8 @@
{ "maxflows", CTLTYPE_INT }, \
{ "hostzerobroadcast", CTLTYPE_INT }, \
{ "gifttl", CTLTYPE_INT }, \
+ { "resvportmin", CTLTYPE_INT }, \
+ { "resvportmax", CTLTYPE_INT }, \
}
#endif /* !_XOPEN_SOURCE */
Index: in_pcb.c
===================================================================
RCS file: /cvsroot/syssrc/sys/netinet/in_pcb.c,v
retrieving revision 1.66
diff -u -r1.66 in_pcb.c
--- in_pcb.c 2000/07/06 12:51:39 1.66
+++ in_pcb.c 2000/08/24 17:26:05
@@ -147,6 +147,8 @@
int anonportmin = IPPORT_ANONMIN;
int anonportmax = IPPORT_ANONMAX;
+int resvportmin = IPPORT_RESERVEDMIN;
+int resvportmax = IPPORT_RESERVEDMAX;
struct pool inpcb_pool;
@@ -287,8 +289,8 @@
if (p == 0 || (error = suser(p->p_ucred, &p->p_acflag)))
return (EACCES);
#endif
- min = IPPORT_RESERVEDMIN;
- max = IPPORT_RESERVEDMAX;
+ min = resvportmin;
+ max = resvportmax;
lastport = &table->inpt_lastlow;
} else {
min = anonportmin;
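Review bot: The new `min = resvportmin; max = resvportmax;` assignments make the automatic low-port selection range tunable at run time, but nothing at this site says what the variables do and do not control. The sysctl handler in ip_input.c confines both values to IPPORT_RESERVEDMIN..IPPORT_RESERVEDMAX, so the range can only be narrowed inside the compile-time bounds. The privilege check for an explicitly requested port is not visible in this hunk and presumably still uses its own constant; that is worth confirming. A comment above the assignments would record the intent, for example `/* resvportmin/max only narrow automatic low-port selection; the privileged-port boundary itself is unchanged */`. The enclosing function starts and ends outside the hunk.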
Index: ip_input.c
===================================================================
RCS file: /cvsroot/syssrc/sys/netinet/ip_input.c,v
retrieving revision 1.116
diff -u -r1.116 ip_input.c
--- ip_input.c 2000/07/06 12:51:40 1.116
+++ ip_input.c 2000/08/24 17:26:05
@@ -1715,6 +1715,31 @@
&ip_gif_ttl));
#endif
+#ifndef IPNOPRIVPORTS
+ case IPCTL_RESVPORTMIN:
+ old = resvportmin;
+ error = sysctl_int(oldp, oldlenp, newp, newlen, &resvportmin);
+ if (resvportmin >= resvportmax
+ || resvportmin > IPPORT_RESERVEDMAX
+ || resvportmin < IPPORT_RESERVEDMIN
+ ) {
+ resvportmin = old;
+ return (EINVAL);
+ }
+ return (error);
+ case IPCTL_RESVPORTMAX:
+ old = resvportmax;
+ error = sysctl_int(oldp, oldlenp, newp, newlen, &resvportmax);
+ if (resvportmin >= resvportmax
+ || resvportmax > IPPORT_RESERVEDMAX
+ || resvportmax < IPPORT_RESERVEDMIN
+ ) {
+ resvportmax = old;
+ return (EINVAL);
+ }
+ return (error);
+#endif
+
default:
return (EOPNOTSUPP);
}
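Review bot: Both new cases pass `&resvportmin` / `&resvportmax` to sysctl_int(), so the caller's value lands in the live global before it is range-checked and is rolled back only afterwards. An out-of-range value is therefore briefly the one the low-port selection code in in_pcb.c would read, and a non-zero `error` is not acted on until after the comparison. Staging the value in a local, returning early on error, validating, and assigning last keeps the globals inside IPPORT_RESERVEDMIN..IPPORT_RESERVEDMAX at all times. This needs one extra `int tmp` next to `old`, whose declaration is outside the hunk. Whether a concurrent reader can actually observe the window depends on locking that is not visible here.

```c
	case IPCTL_RESVPORTMIN:
		tmp = resvportmin;
		error = sysctl_int(oldp, oldlenp, newp, newlen, &tmp);
		if (error)
			return (error);
		if (tmp >= resvportmax
		    || tmp > IPPORT_RESERVEDMAX
		    || tmp < IPPORT_RESERVEDMIN)
			return (EINVAL);
		resvportmin = tmp;	/* commit only after validation */
		return (0);
	case IPCTL_RESVPORTMAX:
		tmp = resvportmax;
		error = sysctl_int(oldp, oldlenp, newp, newlen, &tmp);
		if (error)
			return (error);
		if (resvportmin >= tmp
		    || tmp > IPPORT_RESERVEDMAX
		    || tmp < IPPORT_RESERVEDMIN)
			return (EINVAL);
		resvportmax = tmp;	/* commit only after validation */
		return (0);
	/* ... unchanged: #endif and default case ... */
```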
Index: ip_var.h
===================================================================
RCS file: /cvsroot/syssrc/sys/netinet/ip_var.h,v
retrieving revision 1.41
diff -u -r1.41 ip_var.h
--- ip_var.h 2000/03/30 02:37:40 1.41
+++ ip_var.h 2000/08/24 17:26:05
@@ -188,6 +188,8 @@
extern u_int ip_mtudisc_timeout; /* seconds to timeout mtu discovery */
extern int anonportmin; /* minimum ephemeral port */
extern int anonportmax; /* maximum ephemeral port */
+extern int resvportmin; /* minimum reserved port */
+extern int resvportmax; /* maximum reserved port */
extern struct rttimer_queue *ip_mtudisc_timeout_q;
#ifdef GATEWAY
extern int ip_maxflows;