| version 1.458, 2015/08/22 10:45:59 |
version 1.459, 2015/08/22 23:32:18 |
|
|
| # Populate net.inet.(tcp|udp).baddynamic with the contents of /etc/services so |
# Populate net.inet.(tcp|udp).baddynamic with the contents of /etc/services so |
| # as to avoid randomly allocating source ports that correspond to well-known |
# as to avoid randomly allocating source ports that correspond to well-known |
| # services. |
# services. |
| |
# Usage: fill_baddynamic tcp|udp |
| fill_baddynamic() { |
fill_baddynamic() { |
| local _service=$1 |
local _service=$1 |
| local _sysctl="net.inet.${_service}.baddynamic" |
local _sysctl="net.inet.${_service}.baddynamic" |
| |
|
| stripcom /etc/services | |
stripcom /etc/services | |
| { |
{ |
| # Variables are local |
_ban= |
| while IFS=" /" read _name _port _srv _junk; do |
while IFS=" /" read _name _port _srv _junk; do |
| [ "x${_srv}" = "x${_service}" ] || continue |
[[ $_srv == $_service ]] || continue |
| _ban="${_ban:+${_ban},}+${_port}" |
|
| |
_ban="${_ban:+$_ban,}+$_port" |
| |
|
| # Flush before argv gets too long |
# Flush before argv gets too long |
| if [ ${#_ban} -gt 1024 ]; then |
if ((${#_ban} > 1024)); then |
| sysctl -q ${_sysctl}=${_ban} |
sysctl -q "$_sysctl=$_ban" |
| _ban="" |
_ban= |
| fi |
fi |
| done |
done |
| [ "${_ban}" ] && sysctl -q ${_sysctl}=${_ban} |
[[ -n $_ban ]] && sysctl -q "$_sysctl=$_ban" |
| } |
} |
| } |
} |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to rc CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / etc