diff options
author | Todd C. Miller <millert@cvs.openbsd.org> | 1997-08-19 06:42:43 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 1997-08-19 06:42:43 +0000 |
commit | bbe7862a45561c86d620710558f90d43b3032d7c (patch) | |
tree | a48ffbdbdafdf72fa0dc9e022ed9cfef2a368d62 /usr.sbin | |
parent | 1bc21344d855aff510a4a72985b243a48bd300c2 (diff) |
Add support for adding/subtracting ports from the current baddynamic
mask.
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/sysctl/sysctl.8 | 13 | ||||
-rw-r--r-- | usr.sbin/sysctl/sysctl.c | 67 |
2 files changed, 63 insertions, 17 deletions
diff --git a/usr.sbin/sysctl/sysctl.8 b/usr.sbin/sysctl/sysctl.8 index 90ee178d107..2024ae4aaa3 100644 --- a/usr.sbin/sysctl/sysctl.8 +++ b/usr.sbin/sysctl/sysctl.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sysctl.8,v 1.11 1997/08/09 23:36:30 millert Exp $ +.\" $OpenBSD: sysctl.8,v 1.12 1997/08/19 06:42:42 millert Exp $ .\" $NetBSD: sysctl.8,v 1.4 1995/09/30 07:12:49 thorpej Exp $ .\" .\" Copyright (c) 1993 @@ -227,9 +227,16 @@ sysctl vm.loadavg .Pp Set the list of reserved TCP ports that should not be allocated by the kernel dynamically. This can be used to keep daemons -from stealing a specific port that another program needs to function: +from stealing a specific port that another program needs to function. +List elements may be separated by commas and/or whitespace. .Bd -literal -offset indent -compact -sysctl -w net.inet.tcp.baddynamic="749 750 751 760 761 871" +sysctl -w net.inet.tcp.baddynamic=749,750,751,760,761,871 +.Ed +.Pp +It is also possible to add or remove ports from the current list. +.Bd -literal -offset indent -compact +sysctl -w net.inet.tcp.baddynamic=+748 +sysctl -w net.inet.tcp.baddynamic=-871 .Ed .Sh FILES .Bl -tag -width <netinet/icmpXvar.h> -compact diff --git a/usr.sbin/sysctl/sysctl.c b/usr.sbin/sysctl/sysctl.c index d5d9d211042..a571b5c32d3 100644 --- a/usr.sbin/sysctl/sysctl.c +++ b/usr.sbin/sysctl/sysctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sysctl.c,v 1.18 1997/08/19 06:16:26 millert Exp $ */ +/* $OpenBSD: sysctl.c,v 1.19 1997/08/19 06:42:42 millert Exp $ */ /* $NetBSD: sysctl.c,v 1.9 1995/09/30 07:12:50 thorpej Exp $ */ /* @@ -44,7 +44,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)sysctl.c 8.1 (Berkeley) 6/6/93"; #else -static char *rcsid = "$OpenBSD: sysctl.c,v 1.18 1997/08/19 06:16:26 millert Exp $"; +static char *rcsid = "$OpenBSD: sysctl.c,v 1.19 1997/08/19 06:42:42 millert Exp $"; #endif #endif /* not lint */ @@ -360,23 +360,62 @@ parse(string, flags) mib[3] == UDPCTL_BADDYNAMIC)) { u_int32_t newbaddynamic[DP_MAPSIZE]; in_port_t port; + char action; special |= BADDYNAMIC; if (newval == NULL) break; - (void)memset((void *)&newbaddynamic, 0, - sizeof(newbaddynamic)); - while (newval && (cp = strsep((char **)&newval, - ", \t")) && *cp) { - port = atoi(cp); - if (port < IPPORT_RESERVED/2 || - port >= IPPORT_RESERVED) - errx(1, "invalid port, " - "range is %d to %d", - IPPORT_RESERVED/2, - IPPORT_RESERVED-1); - DP_SET(newbaddynamic, port); + if (strchr((char *)newval, '+') || + strchr((char *)newval, '-')) { + size = sizeof(newbaddynamic); + if (sysctl(mib, len, newbaddynamic, + &size, 0, 0) < 0) { + if (flags == 0) + return; + if (!nflag) + printf("%s: ", string); + printf("kernel does not have " + "bad dynamic port tables " + "in it\n"); + return; + } + while (newval && + (cp = strsep((char **)&newval, + ", \t")) && *cp) { + if (*cp != '+' && *cp != '-') + errx(1, "cannot mix +/-" + " with full list"); + action = *cp++; + port = atoi(cp); + if (port < IPPORT_RESERVED/2 || + port >= IPPORT_RESERVED) + errx(1, "invalid port, " + "range is %d to %d", + IPPORT_RESERVED/2, + IPPORT_RESERVED-1); + if (action == '+') + DP_SET(newbaddynamic, + port); + else + DP_CLR(newbaddynamic, + port); + } + } else { + (void)memset((void *)newbaddynamic, 0, + sizeof(newbaddynamic)); + while (newval && + (cp = strsep((char **)&newval, + ", \t")) && *cp) { + port = atoi(cp); + if (port < IPPORT_RESERVED/2 || + port >= IPPORT_RESERVED) + errx(1, "invalid port, " + "range is %d to %d", + IPPORT_RESERVED/2, + IPPORT_RESERVED-1); + DP_SET(newbaddynamic, port); + } } newval = (void *)newbaddynamic; newsize = sizeof(newbaddynamic); |