Change the default local address range for IP from 1024 through 5000
to 20000 through 30000. These numbers are used for local IP port numbers when an explicit address is not specified. The values are sysctl modifiable under: net.inet.ip.port_{first|last}_auto. These numbers do not overlap with any known server addresses, without going above 32768, where port numbers are "negative" on some other implementations. 20000 through 30000 is 2.5 times larger than the old range, but some have suggested even that may not be enough... (gasp!) Setting a low address of 10000 should be plenty.. :-)
parent
bd7e5f992e
commit
101f9fc846
@ -31,7 +31,7 @@
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* @(#)in.h 8.3 (Berkeley) 1/3/94
|
||||
* $Id: in.h,v 1.12 1995/11/01 17:18:26 wollman Exp $
|
||||
* $Id: in.h,v 1.13 1995/11/14 20:33:57 phk Exp $
|
||||
*/
|
||||
|
||||
#ifndef _NETINET_IN_H_
|
||||
@ -74,6 +74,20 @@
|
||||
#define IPPORT_RESERVED 1024
|
||||
#define IPPORT_USERRESERVED 5000
|
||||
|
||||
/*
|
||||
* Range of ports for automatic assignment to local addresses that
|
||||
* have not explicitly specified an address.
|
||||
*
|
||||
* These can be overridden at kernel config time, and are used to init
|
||||
* sysctl variables. The sysctl variables can be changed at runtime.
|
||||
*/
|
||||
#ifndef IPPORT_FIRSTAUTO
|
||||
#define IPPORT_FIRSTAUTO 20000
|
||||
#endif
|
||||
#ifndef IPPORT_LASTAUTO
|
||||
#define IPPORT_LASTAUTO 30000
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Internet address (a structure for historical reasons)
|
||||
*/
|
||||
|
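Review bot: The new comment above IPPORT_FIRSTAUTO talks about "local addresses that have not explicitly specified an address", but the two macros are port numbers, and a later reader tuning them needs to know that. I would reword it to `Range of local port numbers assigned automatically when a socket is not bound to an explicit port.` Because the comment also says both values can be overridden at kernel config time, a build-time guard such as `#if IPPORT_FIRSTAUTO > IPPORT_LASTAUTO` followed by `#error` would stop an inverted range before it becomes the sysctl default.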
@ -31,7 +31,7 @@
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* @(#)in_pcb.c 8.4 (Berkeley) 5/24/95
|
||||
* $Id: in_pcb.c,v 1.14 1995/10/29 15:32:25 phk Exp $
|
||||
* $Id: in_pcb.c,v 1.15 1995/11/14 20:33:59 phk Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -46,6 +46,8 @@
|
||||
#include <sys/time.h>
|
||||
#include <sys/proc.h>
|
||||
#include <sys/queue.h>
|
||||
#include <sys/kernel.h>
|
||||
#include <sys/sysctl.h>
|
||||
|
||||
#include <net/if.h>
|
||||
#include <net/route.h>
|
||||
@ -59,6 +61,18 @@
|
||||
|
||||
struct in_addr zeroin_addr;
|
||||
|
||||
/*
|
||||
* These configure the range of local port addresses assigned to
|
||||
* "unspecified" outgoing connections/packets/whatever.
|
||||
*/
|
||||
static int ipport_firstauto = IPPORT_FIRSTAUTO;
|
||||
static int ipport_lastauto = IPPORT_LASTAUTO;
|
||||
|
||||
SYSCTL_INT(_net_inet_ip, OID_AUTO, port_first_auto, CTLFLAG_RW,
|
||||
&ipport_firstauto, 0, "");
|
||||
SYSCTL_INT(_net_inet_ip, OID_AUTO, port_last_auto, CTLFLAG_RW,
|
||||
&ipport_lastauto, 0, "");
|
||||
|
||||
static void in_pcbinshash __P((struct inpcb *));
|
||||
static void in_rtchange __P((struct inpcb *, int));
|
||||
|
||||
@ -151,9 +165,9 @@ in_pcbbind(inp, nam)
|
||||
if (lport == 0)
|
||||
do {
|
||||
++*lastport;
|
||||
if (*lastport < IPPORT_RESERVED ||
|
||||
*lastport > IPPORT_USERRESERVED)
|
||||
*lastport = IPPORT_RESERVED;
|
||||
if (*lastport < ipport_firstauto ||
|
||||
*lastport > ipport_lastauto)
|
||||
*lastport = ipport_firstauto;
|
||||
lport = htons(*lastport);
|
||||
} while (in_pcblookup(head,
|
||||
zeroin_addr, 0, inp->inp_laddr, lport, wild));
|
||||
|
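Review bot: The two sysctls added in the `@ -59,6 +61,18 @` hunk are plain CTLFLAG_RW ints with no range check, and the rewritten loop in in_pcbbind uses them as written. If port_first_auto is set above port_last_auto, every pass resets *lastport to the same value, so the do/while cannot terminate once that single port is in use; the same unbounded spin occurs whenever every port in a narrow configured range is taken. A first value below IPPORT_RESERVED would also let automatic binds land on reserved ports, and values above 65535 would be truncated if lastport points at a 16-bit type (its declaration is outside the hunk). I would snapshot and validate the pair before the loop and cap the number of probes at the size of the range, as sketched below. in_pcbbind starts and ends outside the hunk, so the error value returned on exhaustion should be checked against the function's existing convention.

```c
	if (lport == 0) {
		/* Snapshot: both tunables are CTLFLAG_RW and can change at runtime. */
		int first = ipport_firstauto;
		int last = ipport_lastauto;
		int tries;

		if (first < IPPORT_RESERVED || last > 65535 || first > last) {
			/* Unusable setting: fall back to the compile-time range. */
			first = IPPORT_FIRSTAUTO;
			last = IPPORT_LASTAUTO;
		}
		tries = last - first + 1;
		do {
			if (tries-- <= 0)
				return (EADDRNOTAVAIL);	/* whole range in use */
			++*lastport;
			if (*lastport < first || *lastport > last)
				*lastport = first;
			lport = htons(*lastport);
		} while (in_pcblookup(head,
		    zeroin_addr, 0, inp->inp_laddr, lport, wild));
	}
```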