authorTodd C. Miller <millert@cvs.openbsd.org>1997-08-19 06:42:43 +0000
committerTodd C. Miller <millert@cvs.openbsd.org>1997-08-19 06:42:43 +0000
commitbbe7862a45561c86d620710558f90d43b3032d7c (patch)
treea48ffbdbdafdf72fa0dc9e022ed9cfef2a368d62 /usr.sbin
parent1bc21344d855aff510a4a72985b243a48bd300c2 (diff)
Add support for adding/subtracting ports from the current baddynamic
mask.
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/sysctl/sysctl.813
-rw-r--r--usr.sbin/sysctl/sysctl.c67
2 files changed, 63 insertions, 17 deletions
diff --git a/usr.sbin/sysctl/sysctl.8 b/usr.sbin/sysctl/sysctl.8
index 90ee178d107..2024ae4aaa3 100644
--- a/usr.sbin/sysctl/sysctl.8
+++ b/usr.sbin/sysctl/sysctl.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: sysctl.8,v 1.11 1997/08/09 23:36:30 millert Exp $
+.\" $OpenBSD: sysctl.8,v 1.12 1997/08/19 06:42:42 millert Exp $
.\" $NetBSD: sysctl.8,v 1.4 1995/09/30 07:12:49 thorpej Exp $
.\"
.\" Copyright (c) 1993
@@ -227,9 +227,16 @@ sysctl vm.loadavg
.Pp
Set the list of reserved TCP ports that should not be allocated
by the kernel dynamically. This can be used to keep daemons
-from stealing a specific port that another program needs to function:
+from stealing a specific port that another program needs to function.
+List elements may be separated by commas and/or whitespace.
.Bd -literal -offset indent -compact
-sysctl -w net.inet.tcp.baddynamic="749 750 751 760 761 871"
+sysctl -w net.inet.tcp.baddynamic=749,750,751,760,761,871
+.Ed
+.Pp
+It is also possible to add or remove ports from the current list.
+.Bd -literal -offset indent -compact
+sysctl -w net.inet.tcp.baddynamic=+748
+sysctl -w net.inet.tcp.baddynamic=-871
.Ed
.Sh FILES
.Bl -tag -width <netinet/icmpXvar.h> -compact
diff --git a/usr.sbin/sysctl/sysctl.c b/usr.sbin/sysctl/sysctl.c
index d5d9d211042..a571b5c32d3 100644
--- a/usr.sbin/sysctl/sysctl.c
+++ b/usr.sbin/sysctl/sysctl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sysctl.c,v 1.18 1997/08/19 06:16:26 millert Exp $ */
+/* $OpenBSD: sysctl.c,v 1.19 1997/08/19 06:42:42 millert Exp $ */
/* $NetBSD: sysctl.c,v 1.9 1995/09/30 07:12:50 thorpej Exp $ */
/*
@@ -44,7 +44,7 @@ static char copyright[] =
#if 0
static char sccsid[] = "@(#)sysctl.c 8.1 (Berkeley) 6/6/93";
#else
-static char *rcsid = "$OpenBSD: sysctl.c,v 1.18 1997/08/19 06:16:26 millert Exp $";
+static char *rcsid = "$OpenBSD: sysctl.c,v 1.19 1997/08/19 06:42:42 millert Exp $";
#endif
#endif /* not lint */
@@ -360,23 +360,62 @@ parse(string, flags)
mib[3] == UDPCTL_BADDYNAMIC)) {
u_int32_t newbaddynamic[DP_MAPSIZE];
in_port_t port;
+ char action;
special |= BADDYNAMIC;
if (newval == NULL)
break;
- (void)memset((void *)&newbaddynamic, 0,
- sizeof(newbaddynamic));
- while (newval && (cp = strsep((char **)&newval,
- ", \t")) && *cp) {
- port = atoi(cp);
- if (port < IPPORT_RESERVED/2 ||
- port >= IPPORT_RESERVED)
- errx(1, "invalid port, "
- "range is %d to %d",
- IPPORT_RESERVED/2,
- IPPORT_RESERVED-1);
- DP_SET(newbaddynamic, port);
+ if (strchr((char *)newval, '+') ||
+ strchr((char *)newval, '-')) {
+ size = sizeof(newbaddynamic);
+ if (sysctl(mib, len, newbaddynamic,
+ &size, 0, 0) < 0) {
+ if (flags == 0)
+ return;
+ if (!nflag)
+ printf("%s: ", string);
+ printf("kernel does not have "
+ "bad dynamic port tables "
+ "in it\n");
+ return;
+ }
+ while (newval &&
+ (cp = strsep((char **)&newval,
+ ", \t")) && *cp) {
+ if (*cp != '+' && *cp != '-')
+ errx(1, "cannot mix +/-"
+ " with full list");
+ action = *cp++;
+ port = atoi(cp);
+ if (port < IPPORT_RESERVED/2 ||
+ port >= IPPORT_RESERVED)
+ errx(1, "invalid port, "
+ "range is %d to %d",
+ IPPORT_RESERVED/2,
+ IPPORT_RESERVED-1);
+ if (action == '+')
+ DP_SET(newbaddynamic,
+ port);
+ else
+ DP_CLR(newbaddynamic,
+ port);
+ }
+ } else {
+ (void)memset((void *)newbaddynamic, 0,
+ sizeof(newbaddynamic));
+ while (newval &&
+ (cp = strsep((char **)&newval,
+ ", \t")) && *cp) {
+ port = atoi(cp);
+ if (port < IPPORT_RESERVED/2 ||
+ port >= IPPORT_RESERVED)
+ errx(1, "invalid port, "
+ "range is %d to %d",
+ IPPORT_RESERVED/2,
+ IPPORT_RESERVED-1);
+ DP_SET(newbaddynamic, port);
+ }
}
newval = (void *)newbaddynamic;
newsize = sizeof(newbaddynamic);
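Review bot: `port = atoi(cp)` in both the new +/- loop and the re-added full-list loop narrows an unchecked int into `in_port_t` before the range test, so a number far above the limit that wraps (modulo the width of `in_port_t`) into the accepted range is taken as a valid port, and trailing garbage after the digits is silently ignored. For a list that controls which reserved ports the kernel may hand out, the value should be parsed into a wider type and validated before assignment, for example `lval = strtol(cp, &ep, 10);` followed by `if (ep == cp || *ep != '\0' || lval < IPPORT_RESERVED/2 || lval >= IPPORT_RESERVED) errx(...)` and only then `port = lval;`, with `long lval; char *ep;` declared next to `action`. Both loops also end at the first empty token because of the `&& *cp` condition, so a list written with a comma followed by a space appears to drop every later element without an error, even though the sysctl.8 hunk says elements may be separated by commas and/or whitespace; skipping empty tokens with `continue` would match the documentation. parse() begins and ends outside this hunk, so how `newval` is consumed afterwards is not visible here.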