Post 302935581 by steephen on Tuesday 17th of February 2015 07:28:20 PM
Which is the effective ephemeral port range in Linux 2.6 for this set up?

In my Linux system, the ephemeral port range shows different ranges, as follows:

$ cat /proc/sys/net/ipv4/ip_local_port_range
32768 61000

$ cat /etc/sysctl.conf | grep net.ipv4.ip_local_port_range
net.ipv4.ip_local_port_range = 9000 65500

Which will be the effective ephemeral port range in my system?
 

RFC6056(7)            BSD Miscellaneous Information Manual            RFC6056(7)

NAME
     rfc6056 -- port randomization algorithms

DESCRIPTION
     The rfc6056 algorithms are used in order to randomize the port allocation
     of outgoing UDP packets, in order to provide protection from a series of
     ``blind'' attacks based on the attacker's ability to guess the sequence
     of ephemeral ports associated with outgoing packets. For more information
     consult RFC 6056.

     The individual algorithms are described below:

   The RFC 6056 algorithms
     The following algorithms are available:

     bsd           This is the default NetBSD port selection algorithm, which
                   starts from anonportmax and proceeds decreasingly through
                   the available ephemeral ports.

     random_start  Select ports randomly from the available ephemeral ports.
                   In case a collision with a local port is detected, the
                   algorithm proceeds decreasingly through the sequence of
                   ephemeral ports until a free port is found. Note that the
                   random port selection algorithms are not guaranteed to find
                   a free port.

     random_pick   Select ports randomly from the available ephemeral ports.
                   In case a collision with a local port is detected, the
                   algorithm tries selecting a new port randomly until a free
                   port is found.

     hash          Select ports using an md5(3) hash of the local address, the
                   foreign address, and the foreign port. Note that in the
                   case of a bind(2) call some of this information might be
                   unavailable and the port selection is delayed until the
                   time of a connect(2) call, performed either explicitly or
                   upon calling sendto(2).

     doublehash    Select ports using an md5(3) hash of the local address,
                   foreign address, and foreign port coupled with an md5(3)
                   hash of the same components obtained using a separate table
                   that is associated with a subset of all outgoing
                   connections. The same considerations regarding late
                   connection as in the case of hash apply.

     randinc       Use random increments in order to select the next port.

SYSCTL CONTROLS
     The following sysctl controls are available for selecting the default
     port randomization algorithm:

     sysctl name                          Type      Changeable
     net.inet.udp.rfc6056.available       string    no
     net.inet.udp.rfc6056.selected        string    yes
     net.inet6.udp6.rfc6056.available     string    no
     net.inet6.udp6.rfc6056.selected      string    yes

SOCKET OPTIONS
     The socket option UDP_RFC6056ALGO at the IPPROTO_UDP level can be used
     with a string argument specifying the algorithm's name in order to select
     the port randomization algorithm for a specific socket. For more info see
     setsockopt(2).

SEE ALSO
     setsockopt(2), sysctl(3), sysctl(7)

HISTORY
     The rfc6056 algorithms first appeared in NetBSD 6.0.

BSD                             August 25, 2011                             BSD
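The following user-space simulation is an added example, not NetBSD kernel code. It models the bsd, random_start and random_pick descriptions above and measures how often an observer who saw one source port could guess the next. The port range, the function names, the 8-attempt retry cap and the xorshift32 generator (chosen only for reproducible runs) are assumptions of this sketch.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PORT_MIN 49152u   /* assumed ephemeral range for this demo */
#define PORT_MAX 65535u   /* plays the role of anonportmax */
#define NPORTS   (PORT_MAX - PORT_MIN + 1u)
enum algo { ALGO_BSD, ALGO_RANDOM_START, ALGO_RANDOM_PICK };
static bool     in_use[PORT_MAX + 1u];  /* simulated table of bound local ports */
static uint32_t rng;                    /* xorshift32 state: reproducible demo PRNG, not a CSPRNG */

void reset_table(uint32_t seed) { rng = seed; for (unsigned p = PORT_MIN; p <= PORT_MAX; p++) in_use[p] = false; }
void occupy_all_but(unsigned keep) { for (unsigned p = PORT_MIN; p <= PORT_MAX; p++) in_use[p] = (p != keep); }

static unsigned rand_port(void) {
    rng ^= rng << 13; rng ^= rng >> 17; rng ^= rng << 5;
    return PORT_MIN + rng % NPORTS;
}

static unsigned scan_down(unsigned start) {  /* first free port at or below start, wrapping; 0 if none */
    for (unsigned i = 0, p = start; i < NPORTS; i++, p = (p == PORT_MIN) ? PORT_MAX : p - 1)
        if (!in_use[p]) return p;
    return 0;
}

unsigned alloc_port(enum algo a) {           /* pick a port and mark it in use; 0 on failure */
    unsigned p = 0;
    if (a == ALGO_BSD) p = scan_down(PORT_MAX);
    else if (a == ALGO_RANDOM_START) p = scan_down(rand_port());
    else for (int tries = 0; tries < 8 && !p; tries++) {  /* random_pick: re-roll on collision */
        unsigned c = rand_port();
        if (!in_use[c]) p = c;
    }
    if (p) in_use[p] = true;
    return p;
}

/* On a fresh table, count how many of n allocations land exactly one below the previous port. */
unsigned descending_steps(enum algo a, unsigned n) {
    reset_table(1);
    unsigned hits = 0, prev = alloc_port(a);
    for (unsigned i = 1; i < n; i++) { unsigned p = alloc_port(a); hits += (p == prev - 1); prev = p; }
    return hits;
}

int main(void) {
    for (int a = ALGO_BSD; a <= ALGO_RANDOM_PICK; a++)
        printf("algo %d: %u of 99 steps are previous-1\n", a, descending_steps((enum algo)a, 100));
    return 0;
}
```

With the table nearly full, random_start still reaches the one free port through its downward scan, while the capped random_pick in this sketch can give up even though a port is free.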