Displaying 3 results from an estimated 3 matches for "ephemeral_port_t".
2017 Feb 12
3
Centos7 and old Bind bug
This is my new Centos7 DNS server.
In logwatch I am seeing:
**Unmatched Entries**
dispatch 0xb4378008: open_socket(0.0.0.0#5546) -> permission denied: continuing: 1 Time(s)
dispatch 0xb4463008: open_socket(::#1935) -> permission denied: continuing: 1 Time(s)
dispatch 0xb4464440: open_socket(::#8554) -> permission denied: continuing: 1 Time(s)
dispatch 0xb4464440:
2017 Feb 12
2
Centos7 and old Bind bug
...med_t is allowed to bind to both unreserved
> ports and ephemeral ports.
>
> # semanage port -l | grep unreserved_port_t
> unreserved_port_t tcp 61001-65535, 1024-32767
> unreserved_port_t udp 61001-65535, 1024-32767
> # semanage port -l | grep ephemeral_port_t
> ephemeral_port_t tcp 32768-61000
> ephemeral_port_t udp 32768-61000
>
> I'm not seeing those errors logged, either, so maybe your system
> differs from mine. If I'm misreading, hopefully someone will chime in
> to clarify.
I get:...
2017 Feb 12
0
Centos7 and old Bind bug
...nd
...indicates that named_t is allowed to bind to both unreserved
ports and ephemeral ports.
# semanage port -l | grep unreserved_port_t
unreserved_port_t tcp 61001-65535, 1024-32767
unreserved_port_t udp 61001-65535, 1024-32767
# semanage port -l | grep ephemeral_port_t
ephemeral_port_t tcp 32768-61000
ephemeral_port_t udp 32768-61000
I'm not seeing those errors logged, either, so maybe your system differs
from mine. If I'm misreading, hopefully someone will chime in to clarify.
It's probably safe to specify so...