iptables question, ports over 1024
Lennart Sorensen
lsorense-1wCw9BSqJbv44Nm34jS7GywD8/FfD2ys at public.gmane.org
Thu Jun 23 18:13:03 UTC 2005
On Thu, Jun 23, 2005 at 01:32:13PM -0400, Robert Brockway wrote:
> You should not see anything different when opening or SNATting a port
> over 1024[1]. I do this all the time.
>
> If you netcat to 1352 on the firewall do you see anything? Netcat will
> work with either tcp or udp.
>
> What sort of connection failure are you getting (if any)?
>
> [1] Traditional *nix makes a distinction for anything over the first 1024
> ports, which actually means the distinction applies to ports over 1023 not
> 1024. Using the standard *nix security model a non-root user is not
> allowed to bind ports over 1023. This has nothing to do with how iptables
> reacts to the port however.
Don't you mean a non-root user is only allowed to bind above port 1023?
Lennart Sorensen
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
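
The bind rule discussed in this thread, as an added example that is not part of the original messages: it predicts whether the current process may bind a port and then compares that with a real bind attempt. The function names are illustrative; it assumes Linux, where the `ip_unprivileged_port_start` sysctl (kernel 4.11 and later, default 1024) sets the boundary and `CAP_NET_BIND_SERVICE` lifts it. Port 1352 is the one mentioned in the thread.

```python
import errno
import os
import socket

CAP_NET_BIND_SERVICE = 10  # bit index in the CapEff mask (linux/capability.h)
SYSCTL = "/proc/sys/net/ipv4/ip_unprivileged_port_start"  # Linux >= 4.11


def privileged_floor(path=SYSCTL):
    """First port an unprivileged process may bind; 1024 when the sysctl is absent."""
    try:
        with open(path) as fh:
            return int(fh.read().strip())
    except (OSError, ValueError):
        return 1024


def has_bind_capability(status_text):
    """True if CapEff in /proc/<pid>/status text includes CAP_NET_BIND_SERVICE."""
    for line in status_text.splitlines():
        if line.startswith("CapEff:"):
            return bool(int(line.split()[1], 16) >> CAP_NET_BIND_SERVICE & 1)
    return False


def may_bind(port, floor, capable):
    """The rule itself: ports below the floor need the capability, the rest do not."""
    return port >= floor or capable


def try_bind(port, host="127.0.0.1"):
    """Attempt a real TCP bind; returns 'ok', 'denied' (EACCES) or 'busy'."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        try:
            s.bind((host, port))
            return "ok"
        except OSError as exc:
            return "denied" if exc.errno == errno.EACCES else "busy"


if __name__ == "__main__":
    floor = privileged_floor()
    try:
        with open("/proc/self/status") as fh:
            capable = has_bind_capability(fh.read())
    except OSError:
        capable = os.geteuid() == 0  # non-Linux fallback: assume root is capable
    for port in (80, 1023, 1024, 1352):
        print(port, "predicted:", may_bind(port, floor, capable),
              "actual:", try_bind(port))
```

None of this involves netfilter: the check happens in bind(), so an iptables rule for port 1352 is evaluated the same way as one for port 80.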