Displaying 4 results from an estimated 4 matches for "portacl".
2006 Oct 20
2
mac_portacl
Hi, folks.
I am trying to implement reverse proxy using squid with mac_portacl,
but i have problem while binding squid to port 80.
Am i missed something?
Here is my mac_portacl variables:
# sysctl security.mac.portacl.
security.mac.portacl.enabled: 1
security.mac.portacl.suser_exempt: 1
security.mac.portacl.autoport_exempt: 1
security.mac.portacl.port_high: 1023
security.m...
2005 May 24
1
Jail support for mac_portacl(4).
...ot-http service
inside a jail with out public IP address.
This patch gives another option, so one don't need to use firewall for this
purpose. It adds new idtype - 'jid'. With this patch, one can configure
that jail with the given JID can use only defined ports:
# sysctl security.mac.portacl.rules="jid:1:tcp:80"
Patch is here:
http://people.freebsd.org/~pjd/patches/mac_portacl.c.patch
Any objections?
PS. With the above policy, processes from outside a jail can bind to
port 80. We can change this behaviour to "allow port 80 to be used
only inside a jail 1&quo...
2004 Nov 21
1
mac_portacl and automatic port allocation
Hello,
I really like the idea behind mac_portacl but I find it difficult to use
it because of one issue. When an unprivileged program binds to high
automatic port with a call to bind(2) and port number set to 0 the
system chooses the port to bind to itself. This mechanismus is used by
number of programs, most commonly by ftp clients in active...
2006 Jul 18
7
Port scan from Apache?
Hi everyone,
today I got an e-mail from a company claiming that my server is doing
port scans on their firewall machine. I found that hard to believe so I
started checking the box.
The company rep told me that the scan was originating at port 80 with
destination port 8254 on their machine. I couldn't find any hints as to
why that computer was subject to the alleged port scans. Searching