DaemonForums  

Go Back   DaemonForums > FreeBSD > FreeBSD General

FreeBSD General Other questions regarding FreeBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 15th June 2010
kondziq kondziq is offline
New User
 
Join Date: Jun 2009
Posts: 9
Default ftp client port range

Hi,

Is it possible to set up a range of ports for FreeBSD ftp client to initiate connections from ? From what I can see, by default it chooses a random high port and connects from it. I'd like to set up that random to a particular range. Can't find anything on the www neither man ftp. Any other place I could read about it ?

Thanks,
K.
Reply With Quote
  #2   (View Single Post)  
Old 16th June 2010
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default

From ip(4)

Code:
     IP_PORTRANGE may be used to set the port range used for selecting a local
     port number on a socket with an unspecified (zero) port number.  It has
     the following possible values:

     IP_PORTRANGE_DEFAULT  use the default range of values, normally
			   IPPORT_HIFIRSTAUTO through IPPORT_HILASTAUTO.  This
			   is adjustable through the sysctl setting:
			   net.inet.ip.portrange.first and
			   net.inet.ip.portrange.last.

     IP_PORTRANGE_HIGH	   use a high range of values, normally
			   IPPORT_HIFIRSTAUTO and IPPORT_HILASTAUTO.  This is
			   adjustable through the sysctl setting:
			   net.inet.ip.portrange.hifirst and
			   net.inet.ip.portrange.hilast.

     IP_PORTRANGE_LOW	   use a low range of ports, which are normally
			   restricted to privileged processes on UNIX systems.
			   The range is normally from IPPORT_RESERVED - 1 down
			   to IPPORT_RESERVEDSTART in descending order.  This
			   is adjustable through the sysctl setting:
			   net.inet.ip.portrange.lowfirst and
			   net.inet.ip.portrange.lowlast.

     The range of privileged ports which only may be opened by root-owned pro-
     cesses may be modified by the net.inet.ip.portrange.reservedlow and
     net.inet.ip.portrange.reservedhigh sysctl settings.  The values default
     to the traditional range, 0 through IPPORT_RESERVED - 1 (0 through 1023),
     respectively.  Note that these settings do not affect and are not
     accounted for in the use or calculation of the other
     net.inet.ip.portrange values above.  Changing these values departs from
     UNIX tradition and has security consequences that the administrator
     should carefully evaluate before modifying these settings.

     Ports are allocated at random within the specified port range in order to
     increase the difficulty of random spoofing attacks.  In scenarios such as
     benchmarking, this behavior may be undesirable.  In these cases,
     net.inet.ip.portrange.randomized can be used to toggle randomization off.
     If more than net.inet.ip.portrange.randomcps ports have been allocated in
     the last second, then return to sequential port allocation.  Return to
     random allocation only once the current port allocation rate drops below
     net.inet.ip.portrange.randomcps for at least
     net.inet.ip.portrange.randomtime seconds.	The default values for
     net.inet.ip.portrange.randomcps and net.inet.ip.portrange.randomtime are
     10 port allocations per second and 45 seconds correspondingly.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Server-Client c0mrade Programming 3 18th March 2009 05:22 PM
Csh - range expansion? ivanatora Programming 8 4th November 2008 03:16 AM
ipsec with client nat sicute OpenBSD General 0 30th October 2008 05:39 PM
IM Client schrodinger OpenBSD Packages and Ports 6 16th September 2008 02:09 PM
Client torrent ! gnowar OpenBSD General 10 3rd June 2008 10:50 AM


All times are GMT. The time now is 08:01 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick